bpf: do not freeze if bpf lsm fails to set up

BPF LSM is cgroup unaware and it's set up is happening in core manager. It occures that the current implementation is too restrictive and causes pid 1 to freeze. Instead: * in bpf_lsm_setup set manager->restrict_fs pointer last, so it is an indicator that the set up was successful * check for manager->restrict_fs before applying unit options
Merge pull request #22031 from floppym/issue22001-1
2026-04-12 18:14:51 +02:00 · 2022-01-07 16:25:45 +09:00 · 2022-01-07 12:28:47 +09:00 · 2022-01-06 14:12:33 -05:00 · 2022-01-06 14:09:30 -05:00
4 changed files with 21 additions and 10 deletions
--- a/src/core/bpf-lsm.c
+++ b/src/core/bpf-lsm.c
@ -176,7 +176,7 @@ int lsm_bpf_supported(void) {
 }

 int lsm_bpf_setup(Manager *m) {
-        struct restrict_fs_bpf *obj;
+        _cleanup_(restrict_fs_bpf_freep) struct restrict_fs_bpf *obj = NULL;
        _cleanup_(bpf_link_freep) struct bpf_link *link = NULL;
        int r;

@ -186,17 +186,16 @@ int lsm_bpf_setup(Manager *m) {
        if (r < 0)
                return r;

-        m->restrict_fs = obj;
-
-        link = sym_bpf_program__attach_lsm(m->restrict_fs->progs.restrict_filesystems);
+        link = sym_bpf_program__attach_lsm(obj->progs.restrict_filesystems);
        r = sym_libbpf_get_error(link);
        if (r != 0)
                return log_error_errno(r, "Failed to link '%s' LSM BPF program: %m",
-                                       sym_bpf_program__name(m->restrict_fs->progs.restrict_filesystems));
+                                       sym_bpf_program__name(obj->progs.restrict_filesystems));

        log_info("LSM BPF program attached");

-        m->restrict_fs->links.restrict_filesystems = TAKE_PTR(link);
+        obj->links.restrict_filesystems = TAKE_PTR(link);
+        m->restrict_fs = TAKE_PTR(obj);

        return 0;
 }
@ -210,6 +209,10 @@ int lsm_bpf_unit_restrict_filesystems(Unit *u, const Set *filesystems, bool allo
        assert(filesystems);
        assert(u);

+        if (!u->manager->restrict_fs)
+                return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
+                                            "Restrict filesystems BPF object is not set, BPF LSM setup has failed?");
+
        int inner_map_fd = sym_bpf_create_map(
                        BPF_MAP_TYPE_HASH,
                        sizeof(uint32_t),
--- a/src/core/execute.c
+++ b/src/core/execute.c
@ -1732,9 +1732,16 @@ static int apply_lock_personality(const Unit* u, const ExecContext *c) {

 #if HAVE_LIBBPF
 static bool skip_lsm_bpf_unsupported(const Unit* u, const char* msg) {
+        assert(u);
+        assert(u->manager);
+
        if (lsm_bpf_supported())
                return false;

+        /* lsm_bpf_setup succeeded */
+        if (u->manager->restrict_fs)
+                return false;
+
        log_unit_debug(u, "LSM BPF not supported, skipping %s", msg);
        return true;
 }
--- a/src/core/manager.c
+++ b/src/core/manager.c
@ -933,7 +933,7 @@ int manager_new(UnitFileScope scope, ManagerTestRunFlags test_run_flags, Manager
                if (MANAGER_IS_SYSTEM(m) && lsm_bpf_supported()) {
                        r = lsm_bpf_setup(m);
                        if (r < 0)
-                                return r;
+                                log_warning_errno(r, "Failed to setup LSM BPF, ignoring: %m");
                }
 #endif
        }
--- a/src/test/test-watchdog.c
+++ b/src/test/test-watchdog.c
@ -17,7 +17,7 @@ int main(int argc, char *argv[]) {

        slow = slow_tests_enabled();

-        t = slow ? 10 * USEC_PER_SEC : 1 * USEC_PER_SEC;
+        t = slow ? 10 * USEC_PER_SEC : 2 * USEC_PER_SEC;
        count = slow ? 5 : 3;

        r = watchdog_setup(t);
@ -27,12 +27,13 @@ int main(int argc, char *argv[]) {
                t = 0;

        for (i = 0; i < count; i++) {
+                t = watchdog_runtime_wait();
+                log_info("Sleeping " USEC_FMT " microseconds...", t);
+                usleep(t);
                log_info("Pinging...");
                r = watchdog_ping();
                if (r < 0)
                        log_warning_errno(r, "Failed to ping watchdog: %m");
-
-                usleep(t/2);
        }

        watchdog_close(true);
Author	SHA1	Message	Date
Julia Kartseva	299d941723	bpf: do not freeze if bpf lsm fails to set up BPF LSM is cgroup unaware and it's set up is happening in core manager. It occures that the current implementation is too restrictive and causes pid 1 to freeze. Instead: * in bpf_lsm_setup set manager->restrict_fs pointer last, so it is an indicator that the set up was successful * check for manager->restrict_fs before applying unit options	2022-01-07 16:25:45 +09:00
Yu Watanabe	2bdd2e7ac9	Merge pull request #22031 from floppym/issue22001-1 test-watchdog adjustments	2022-01-07 12:28:47 +09:00
Mike Gilbert	23126a7b9b	test-watchdog: set timeout to 2 seconds by default Some hardware/drivers do not handle a 1 second timeout properly. Fixes: https://github.com/systemd/systemd/issues/22001	2022-01-06 14:12:33 -05:00
Mike Gilbert	788c2d9523	test-watchdog: use watchdog_runtime_wait() to determine sleep interval As sugggested in https://github.com/systemd/systemd/issues/22001#issuecomment-1006755438.	2022-01-06 14:09:30 -05:00