Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution

[PATCH bpf-next v7 0/8] MAC and Audit policy using eBPF (KRSI) · KP Singh <hidden> · 2020-03-26
[PATCH bpf-next v7 1/8] bpf: Introduce BPF_PROG_TYPE_LSM · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 1/8] bpf: Introduce BPF_PROG_TYPE_LSM · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 2/8] security: Refactor declaration of LSM hooks · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 2/8] security: Refactor declaration of LSM hooks · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 3/8] bpf: lsm: provide attachment points for BPF LSM programs · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 3/8] bpf: lsm: provide attachment points for BPF LSM programs · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Andrii Nakryiko <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · James Morris <jmorris@namei.org> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Stephen Smalley <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Stephen Smalley <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Casey Schaufler <casey@schaufler-ca.com> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Kees Cook <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · Alexei Starovoitov <hidden> · 2020-03-27
Re: [PATCH bpf-next v7 4/8] bpf: lsm: Implement attach, detach and execution · KP Singh <hidden> · 2020-03-27
[PATCH bpf-next v7 5/8] bpf: lsm: Initialize the BPF LSM hooks · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 5/8] bpf: lsm: Initialize the BPF LSM hooks · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · Andrii Nakryiko <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · Andrii Nakryiko <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 8/8] bpf: lsm: Add Documentation · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM · Andrii Nakryiko <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 7/8] bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM · James Morris <jmorris@namei.org> · 2020-03-27
[PATCH bpf-next v7 6/8] tools/libbpf: Add support for BPF_PROG_TYPE_LSM · KP Singh <hidden> · 2020-03-26
Re: [PATCH bpf-next v7 6/8] tools/libbpf: Add support for BPF_PROG_TYPE_LSM · James Morris <jmorris@namei.org> · 2020-03-27

From: Andrii Nakryiko <hidden>
Date: 2020-03-26 19:12:34
Also in: bpf, lkml

On Thu, Mar 26, 2020 at 7:29 AM KP Singh [off-list ref] wrote:

From: KP Singh <redacted>

JITed BPF programs are dynamically attached to the LSM hooks
using BPF trampolines. The trampoline prologue generates code to handle
conversion of the signature of the hook to the appropriate BPF context.

The allocated trampoline programs are attached to the nop functions
initialized as LSM hooks.

BPF_PROG_TYPE_LSM programs must have a GPL compatible license and
and need CAP_SYS_ADMIN (required for loading eBPF programs).

Upon attachment:

* A BPF fexit trampoline is used for LSM hooks with a void return type.
* A BPF fmod_ret trampoline is used for LSM hooks which return an
  int. The attached programs can override the return value of the
  bpf LSM hook to indicate a MAC Policy decision.

Signed-off-by: KP Singh <redacted>
Reviewed-by: Brendan Jackman <jackmanb@google.com>
Reviewed-by: Florent Revest <redacted>
---

Acked-by: Andrii Nakryiko <redacted>

 include/linux/bpf_lsm.h | 11 ++++++++
 kernel/bpf/bpf_lsm.c    | 28 ++++++++++++++++++++
 kernel/bpf/btf.c        |  9 ++++++-
 kernel/bpf/syscall.c    | 57 ++++++++++++++++++++++++++++-------------
 kernel/bpf/trampoline.c | 17 +++++++++---
 kernel/bpf/verifier.c   | 19 +++++++++++---
 6 files changed, 114 insertions(+), 27 deletions(-)

[...]

quoted hunk ↗ jump to hunk

@@ -2479,6 +2496,10 @@ static int bpf_raw_tracepoint_open(const union bpf_attr *attr)
                }
                buf[sizeof(buf) - 1] = 0;
                tp_name = buf;
+               break;
+       default:
+                       err = -EINVAL;
+                       goto out_put_prog;
        }

is indentation off here or it's my email client?

[...]

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help