[PATCH bpf-next] bpf: add security_file_mprotect() to sleepable_lsm_hooks BTF set

[Matt Bobrowski]

security_file_mprotect() is missing from the sleepable_lsm_hooks BTF
set. Add it so that operations performed by a BPF program which may
result in the thread being put to sleep are permitted.

Building a kernel with the DEBUG_ATOMIC_SLEEP confiuration option
enabled and running reasonable workloads stimulating a BPF program
attached to security_file_mprotect() which could end up performing an
operation that could sleep resulted in no splats.

Signed-off-by: Matt Bobrowski <mattbobrowski at google.com>
---
 kernel/bpf/bpf_lsm.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/kernel/bpf/bpf_lsm.c b/kernel/bpf/bpf_lsm.c
index 68240c3c6e7d..da52c955f3ca 100644
--- a/kernel/bpf/bpf_lsm.c
+++ b/kernel/bpf/bpf_lsm.c
@@ -277,10 +277,13 @@ BTF_ID(func, bpf_lsm_bprm_creds_from_file)
 BTF_ID(func, bpf_lsm_capget)
 BTF_ID(func, bpf_lsm_capset)
 BTF_ID(func, bpf_lsm_cred_prepare)
+
 BTF_ID(func, bpf_lsm_file_ioctl)
 BTF_ID(func, bpf_lsm_file_lock)
 BTF_ID(func, bpf_lsm_file_open)
 BTF_ID(func, bpf_lsm_file_receive)
+BTF_ID(func, bpf_lsm_mmap_file)
+BTF_ID(func, bpf_lsm_file_mprotect)
 
 BTF_ID(func, bpf_lsm_inode_create)
 BTF_ID(func, bpf_lsm_inode_free_security)
@@ -316,7 +319,6 @@ BTF_ID(func, bpf_lsm_path_chown)
 BTF_ID(func, bpf_lsm_key_free)
 #endif /* CONFIG_KEYS */
 
-BTF_ID(func, bpf_lsm_mmap_file)
 BTF_ID(func, bpf_lsm_netlink_send)
 BTF_ID(func, bpf_lsm_path_notify)
 BTF_ID(func, bpf_lsm_release_secctx)
-- 
2.43.0.429.g432eaa2c6b-goog

/M