[PATCH bpf-next 1/2] bpf: implement bpf_send_signal_pid/tgid() helpers
From: Puranjay Mohan
Date: Wed Jul 24 2024 - 07:40:08 EST
Implement bpf_send_signal_pid and bpf_send_signal_tgid helpers which are
similar to bpf_send_signal_thread and bpf_send_signal helpers
respectively but can be used to send signals to other threads and
processes.
Signed-off-by: Puranjay Mohan <puranjay@xxxxxxxxxx>
---
include/uapi/linux/bpf.h | 37 ++++++++++++++++++++++++
kernel/trace/bpf_trace.c | 53 +++++++++++++++++++++++++++++-----
tools/include/uapi/linux/bpf.h | 37 ++++++++++++++++++++++++
3 files changed, 120 insertions(+), 7 deletions(-)
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index 35bcf52dbc65..7b29003c079c 100644
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -5792,6 +5792,41 @@ union bpf_attr {
* 0 on success.
*
* **-ENOENT** if the bpf_local_storage cannot be found.
+ *
+ * long bpf_send_signal_pid(u32 sig, u32 pid)
+ * Description
+ * Send signal *sig* to the thread corresponding to the
+ * process id *pid*.
+ * Return
+ * 0 on success or successfully queued.
+ *
+ * **-EBUSY** if work queue under nmi is full.
+ *
+ * **-EINVAL** if *sig* is invalid.
+ *
+ * **-EPERM** if no permission to send the *sig*.
+ *
+ * **-EAGAIN** if bpf program can try again.
+ *
+ * **-ESRCH** if *pid* is invalid.
+ *
+ * long bpf_send_signal_tgid(u32 sig, u32 tgid)
+ * Description
+ * Send signal *sig* to the process corresponding to the
+ * thread group id *tgid*.
+ * The signal may be delivered to any of this process's threads.
+ * Return
+ * 0 on success or successfully queued.
+ *
+ * **-EBUSY** if work queue under nmi is full.
+ *
+ * **-EINVAL** if *sig* is invalid.
+ *
+ * **-EPERM** if no permission to send the *sig*.
+ *
+ * **-EAGAIN** if bpf program can try again.
+ *
+ * **-ESRCH** if *tgid* is invalid.
*/
#define ___BPF_FUNC_MAPPER(FN, ctx...) \
FN(unspec, 0, ##ctx) \
@@ -6006,6 +6041,8 @@ union bpf_attr {
FN(user_ringbuf_drain, 209, ##ctx) \
FN(cgrp_storage_get, 210, ##ctx) \
FN(cgrp_storage_delete, 211, ##ctx) \
+ FN(send_signal_pid, 212, ##ctx) \
+ FN(send_signal_tgid, 213, ##ctx) \
/* */
/* backwards-compatibility macros for users of __BPF_FUNC_MAPPER that don't
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index cd098846e251..f1e58122600d 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -839,21 +839,30 @@ static void do_bpf_send_signal(struct irq_work *entry)
put_task_struct(work->task);
}
-static int bpf_send_signal_common(u32 sig, enum pid_type type)
+static int bpf_send_signal_common(u32 sig, enum pid_type type, u32 pid)
{
struct send_signal_irq_work *work = NULL;
+ struct task_struct *tsk;
+
+ if (pid) {
+ tsk = find_task_by_vpid(pid);
+ if (!tsk)
+ return -ESRCH;
+ } else {
+ tsk = current;
+ }
/* Similar to bpf_probe_write_user, task needs to be
* in a sound condition and kernel memory access be
* permitted in order to send signal to the current
* task.
*/
- if (unlikely(current->flags & (PF_KTHREAD | PF_EXITING)))
+ if (unlikely(tsk->flags & (PF_KTHREAD | PF_EXITING)))
return -EPERM;
if (unlikely(!nmi_uaccess_okay()))
return -EPERM;
/* Task should not be pid=1 to avoid kernel panic. */
- if (unlikely(is_global_init(current)))
+ if (unlikely(is_global_init(tsk)))
return -EPERM;
if (irqs_disabled()) {
@@ -871,19 +880,19 @@ static int bpf_send_signal_common(u32 sig, enum pid_type type)
* to the irq_work. The current task may change when queued
* irq works get executed.
*/
- work->task = get_task_struct(current);
+ work->task = get_task_struct(tsk);
work->sig = sig;
work->type = type;
irq_work_queue(&work->irq_work);
return 0;
}
- return group_send_sig_info(sig, SEND_SIG_PRIV, current, type);
+ return group_send_sig_info(sig, SEND_SIG_PRIV, tsk, type);
}
BPF_CALL_1(bpf_send_signal, u32, sig)
{
- return bpf_send_signal_common(sig, PIDTYPE_TGID);
+ return bpf_send_signal_common(sig, PIDTYPE_TGID, 0);
}
static const struct bpf_func_proto bpf_send_signal_proto = {
@@ -895,7 +904,7 @@ static const struct bpf_func_proto bpf_send_signal_proto = {
BPF_CALL_1(bpf_send_signal_thread, u32, sig)
{
- return bpf_send_signal_common(sig, PIDTYPE_PID);
+ return bpf_send_signal_common(sig, PIDTYPE_PID, 0);
}
static const struct bpf_func_proto bpf_send_signal_thread_proto = {
@@ -905,6 +914,32 @@ static const struct bpf_func_proto bpf_send_signal_thread_proto = {
.arg1_type = ARG_ANYTHING,
};
+BPF_CALL_2(bpf_send_signal_pid, u32, sig, u32, pid)
+{
+ return bpf_send_signal_common(sig, PIDTYPE_PID, pid);
+}
+
+static const struct bpf_func_proto bpf_send_signal_pid_proto = {
+ .func = bpf_send_signal_pid,
+ .gpl_only = false,
+ .ret_type = RET_INTEGER,
+ .arg1_type = ARG_ANYTHING,
+ .arg2_type = ARG_ANYTHING,
+};
+
+BPF_CALL_2(bpf_send_signal_tgid, u32, sig, u32, tgid)
+{
+ return bpf_send_signal_common(sig, PIDTYPE_TGID, tgid);
+}
+
+static const struct bpf_func_proto bpf_send_signal_tgid_proto = {
+ .func = bpf_send_signal_tgid,
+ .gpl_only = false,
+ .ret_type = RET_INTEGER,
+ .arg1_type = ARG_ANYTHING,
+ .arg2_type = ARG_ANYTHING,
+};
+
BPF_CALL_3(bpf_d_path, struct path *, path, char *, buf, u32, sz)
{
struct path copy;
@@ -1583,6 +1618,10 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
return &bpf_send_signal_proto;
case BPF_FUNC_send_signal_thread:
return &bpf_send_signal_thread_proto;
+ case BPF_FUNC_send_signal_pid:
+ return &bpf_send_signal_pid_proto;
+ case BPF_FUNC_send_signal_tgid:
+ return &bpf_send_signal_tgid_proto;
case BPF_FUNC_perf_event_read_value:
return &bpf_perf_event_read_value_proto;
case BPF_FUNC_ringbuf_output:
diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h
index 35bcf52dbc65..7b29003c079c 100644
--- a/tools/include/uapi/linux/bpf.h
+++ b/tools/include/uapi/linux/bpf.h
@@ -5792,6 +5792,41 @@ union bpf_attr {
* 0 on success.
*
* **-ENOENT** if the bpf_local_storage cannot be found.
+ *
+ * long bpf_send_signal_pid(u32 sig, u32 pid)
+ * Description
+ * Send signal *sig* to the thread corresponding to the
+ * process id *pid*.
+ * Return
+ * 0 on success or successfully queued.
+ *
+ * **-EBUSY** if work queue under nmi is full.
+ *
+ * **-EINVAL** if *sig* is invalid.
+ *
+ * **-EPERM** if no permission to send the *sig*.
+ *
+ * **-EAGAIN** if bpf program can try again.
+ *
+ * **-ESRCH** if *pid* is invalid.
+ *
+ * long bpf_send_signal_tgid(u32 sig, u32 tgid)
+ * Description
+ * Send signal *sig* to the process corresponding to the
+ * thread group id *tgid*.
+ * The signal may be delivered to any of this process's threads.
+ * Return
+ * 0 on success or successfully queued.
+ *
+ * **-EBUSY** if work queue under nmi is full.
+ *
+ * **-EINVAL** if *sig* is invalid.
+ *
+ * **-EPERM** if no permission to send the *sig*.
+ *
+ * **-EAGAIN** if bpf program can try again.
+ *
+ * **-ESRCH** if *tgid* is invalid.
*/
#define ___BPF_FUNC_MAPPER(FN, ctx...) \
FN(unspec, 0, ##ctx) \
@@ -6006,6 +6041,8 @@ union bpf_attr {
FN(user_ringbuf_drain, 209, ##ctx) \
FN(cgrp_storage_get, 210, ##ctx) \
FN(cgrp_storage_delete, 211, ##ctx) \
+ FN(send_signal_pid, 212, ##ctx) \
+ FN(send_signal_tgid, 213, ##ctx) \
/* */
/* backwards-compatibility macros for users of __BPF_FUNC_MAPPER that don't
--
2.40.1