| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180603073654.3600598-1-yhs@fb.com> Date: Sun, 3 Jun 2018 00:36:51 -0700 From: Yonghong Song <yhs@...com> To: <ast@...com>, <daniel@...earbox.net>, <netdev@...r.kernel.org> CC: <kernel-team@...com> Subject: [PATCH net-next 0/3] bpf: implement bpf_get_current_cgroup_id() helper bpf has been used extensively for tracing. For example, bcc contains an almost full set of bpf-based tools to trace kernel and user functions/events. Most tracing tools are currently either filtered based on pid or system-wide. Containers have been used quite extensively in industry and cgroup is often used together to provide resource isolation and protection. Several processes may run inside the same container. It is often desirable to get container-level tracing results as well, e.g. syscall count, function count, I/O activity, etc. This patch implements a new helper, bpf_get_current_cgroup_id(), which will return cgroup id based on the cgroup within which the current task is running. Patch #1 implements the new helper in the kernel. Patch #2 syncs the uapi bpf.h header and helper between tools and kernel. Patch #3 shows how to get the same cgroup id in user space, so a filter or policy could be configgured in the bpf program based on current task cgroup. Yonghong Song (3): bpf: implement bpf_get_current_cgroup_id() helper tools/bpf: sync uapi bpf.h for bpf_get_current_cgroup_id() helper tools/bpf: add a selftest for bpf_get_current_cgroup_id() helper include/linux/bpf.h | 1 + include/uapi/linux/bpf.h | 9 +- kernel/bpf/core.c | 1 + kernel/bpf/helpers.c | 15 +++ kernel/trace/bpf_trace.c | 2 + tools/include/uapi/linux/bpf.h | 9 +- tools/testing/selftests/bpf/.gitignore | 1 + tools/testing/selftests/bpf/Makefile | 6 +- tools/testing/selftests/bpf/bpf_helpers.h | 2 + tools/testing/selftests/bpf/cgroup_helpers.c | 57 +++++++++ tools/testing/selftests/bpf/cgroup_helpers.h | 1 + tools/testing/selftests/bpf/get_cgroup_id_kern.c | 28 +++++ tools/testing/selftests/bpf/get_cgroup_id_user.c | 141 +++++++++++++++++++++++ 13 files changed, 269 insertions(+), 4 deletions(-) create mode 100644 tools/testing/selftests/bpf/get_cgroup_id_kern.c create mode 100644 tools/testing/selftests/bpf/get_cgroup_id_user.c -- 2.9.5
Powered by blists - more mailing lists