bpf: Implement task local storage

Similar to bpf_local_storage for sockets and inodes add local storage for task_struct. The life-cycle of storage is managed with the life-cycle of the task_struct. i.e. the storage is destroyed along with the owning task with a callback to the bpf_task_storage_free from the task_free LSM hook. The BPF LSM allocates an __rcu pointer to the bpf_local_storage in the security blob which are now stackable and can co-exist with other LSMs. The userspace map operations can be done by using a pid fd as a key passed to the lookup, update and delete operations. Signed-off-by: KP Singh <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Acked-by: Song Liu <[email protected]> Acked-by: Martin KaFai Lau <[email protected]> Link: https://lore.kernel.org/bpf/[email protected]
torvalds · Nov 6, 2020 · 4cf1bc1 · 4cf1bc1
1 parent 9e7a4d9
commit 4cf1bc1
Show file tree

Hide file tree

Showing 10 changed files with 436 additions and 1 deletion.
diff --git a/include/linux/bpf_lsm.h b/include/linux/bpf_lsm.h
diff --git a/include/linux/bpf_types.h b/include/linux/bpf_types.h
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
diff --git a/kernel/bpf/Makefile b/kernel/bpf/Makefile
diff --git a/kernel/bpf/bpf_lsm.c b/kernel/bpf/bpf_lsm.c
diff --git a/kernel/bpf/bpf_task_storage.c b/kernel/bpf/bpf_task_storage.c
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c
diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h