Re: [PATCH v5 bpf-next 0/5] Add bpf_getxattr

[PATCH v5 bpf-next 0/5] Add bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-28
[PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-28
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Christian Brauner <brauner@kernel.org> · 2022-06-28
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-28
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Alexei Starovoitov <hidden> · 2022-06-28
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Christian Brauner <brauner@kernel.org> · 2022-06-29
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Christian Brauner <brauner@kernel.org> · 2022-06-29
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Alexei Starovoitov <hidden> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Christian Brauner <brauner@kernel.org> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Christian Brauner <brauner@kernel.org> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Christian Brauner <brauner@kernel.org> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Christian Brauner <brauner@kernel.org> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Casey Schaufler <casey@schaufler-ca.com> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Casey Schaufler <casey@schaufler-ca.com> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Amir Goldstein <amir73il@gmail.com> · 2022-07-01
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Christian Brauner <brauner@kernel.org> · 2022-07-01
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Amir Goldstein <amir73il@gmail.com> · 2022-07-01
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · Amir Goldstein <amir73il@gmail.com> · 2022-06-30
Re: [PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-30
[PATCH v5 bpf-next 3/5] bpf: Allow kfuncs to be used in LSM programs · KP Singh <kpsingh@kernel.org> · 2022-06-28
[PATCH v5 bpf-next 4/5] bpf: Add a bpf_getxattr kfunc · KP Singh <kpsingh@kernel.org> · 2022-06-28
Re: [PATCH v5 bpf-next 4/5] bpf: Add a bpf_getxattr kfunc · Christian Brauner <brauner@kernel.org> · 2022-06-28
Re: [PATCH v5 bpf-next 4/5] bpf: Add a bpf_getxattr kfunc · Al Viro <viro@zeniv.linux.org.uk> · 2022-06-28
Re: [PATCH v5 bpf-next 4/5] bpf: Add a bpf_getxattr kfunc · KP Singh <kpsingh@kernel.org> · 2022-06-28
[PATCH v5 bpf-next 2/5] bpf: kfunc support for ARG_PTR_TO_CONST_STR · KP Singh <kpsingh@kernel.org> · 2022-06-28
[PATCH v5 bpf-next 1/5] btf: Add a new kfunc set which allows to mark a function to be sleepable · KP Singh <kpsingh@kernel.org> · 2022-06-28
Re: [PATCH v5 bpf-next 0/5] Add bpf_getxattr · Christian Brauner <brauner@kernel.org> · 2022-06-28
Re: [PATCH v5 bpf-next 0/5] Add bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-28
Re: [PATCH v5 bpf-next 0/5] Add bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-28
Re: [PATCH v5 bpf-next 0/5] Add bpf_getxattr · Dave Chinner <david@fromorbit.com> · 2022-06-29
Re: [PATCH v5 bpf-next 0/5] Add bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-29
Re: [PATCH v5 bpf-next 0/5] Add bpf_getxattr · KP Singh <kpsingh@kernel.org> · 2022-06-29

From: Dave Chinner <david@fromorbit.com>
Date: 2022-06-29 01:36:44
Also in: bpf, linux-fsdevel

On Tue, Jun 28, 2022 at 07:21:42PM +0200, KP Singh wrote:

On Tue, Jun 28, 2022 at 7:20 PM KP Singh [off-list ref] wrote:

quoted

On Tue, Jun 28, 2022 at 7:13 PM Christian Brauner [off-list ref] wrote:

quoted

On Tue, Jun 28, 2022 at 04:19:43PM +0000, KP Singh wrote:

quoted

v4 -> v5

- Fixes suggested by Andrii

v3 -> v4

- Fixed issue incorrect increment of arg counter
- Removed __weak and noinline from kfunc definiton
- Some other minor fixes.

v2 -> v3

- Fixed missing prototype error
- Fixes suggested by other Joanne and Kumar.

v1 -> v2

- Used kfuncs as suggested by Alexei
- Used Benjamin Tissoires' patch from the HID v4 series to add a
  sleepable kfunc set (I sent the patch as a part of this series as it
  seems to have been dropped from v5) and acked it. Hope this is okay.
- Added support for verifying string constants to kfuncs

Hm, I mean this isn't really giving any explanation as to why you are
doing this. There's literally not a single sentence about the rationale?
Did you accidently forget to put that into the cover letter? :)


Yes, actually I did forget to copy paste :)

Foundation for building more complex security policies using the
BPF LSM as presented in LSF/MM/BPF:

http://vger.kernel.org/bpfconf2022_material/lsfmmbpf2022-xattr.pdf\

And my copy paste skills are getting worse (with the back-slash removed):

http://vger.kernel.org/bpfconf2022_material/lsfmmbpf2022-xattr.pdf

There's literally zero information in that link, so I still have no
clue on what this does and how it interacts with filesystem xattr
code.

So for those of us who have zero clue as to what you are trying to
do, please write a cover letter containing a non-zero amount of
information.  i.e.  a description of the problem, the threat model
being addressed, the design of the infrastructure that needs this
hook, document assumptions that have been made (e.g. for
accessing inode metadata atomically from random bpf contexts), what
xattr namespace(s) this hook should belong/be constrained to,
whether you're going to ask for a setxattr hook next, etc.

At minimum this is going to need a bunch of documentation for people
to understand how to use this - where can I find that?

Cheers,

Dave.
-- 
Dave Chinner
david@fromorbit.com

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help