Re: [PATCH v3 bpf-next 0/6] Enable writing xattr from BPF programs

[PATCH v3 bpf-next 0/6] Enable writing xattr from BPF programs · Song Liu <song@kernel.org> · 2024-12-10
[PATCH v3 bpf-next 1/6] fs/xattr: bpf: Introduce security.bpf. xattr name prefix · Song Liu <song@kernel.org> · 2024-12-10
[PATCH v3 bpf-next 2/6] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names · Song Liu <song@kernel.org> · 2024-12-10
[PATCH v3 bpf-next 3/6] bpf: lsm: Add two more sleepable hooks · Song Liu <song@kernel.org> · 2024-12-10
[PATCH v3 bpf-next 4/6] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs · Song Liu <song@kernel.org> · 2024-12-10
Re: [PATCH v3 bpf-next 4/6] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs · Jan Kara <jack@suse.cz> · 2024-12-12
Re: [PATCH v3 bpf-next 4/6] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs · Song Liu <hidden> · 2024-12-12
[PATCH v3 bpf-next 5/6] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs · Song Liu <song@kernel.org> · 2024-12-10
[PATCH v3 bpf-next 6/6] selftests/bpf: Add __failure tests for set/remove xattr kfuncs · Song Liu <song@kernel.org> · 2024-12-10
Re: [PATCH v3 bpf-next 0/6] Enable writing xattr from BPF programs · "Theodore Ts'o" <tytso@mit.edu> · 2024-12-11
Re: [PATCH v3 bpf-next 0/6] Enable writing xattr from BPF programs · Song Liu <hidden> · 2024-12-11
Re: [PATCH v3 bpf-next 0/6] Enable writing xattr from BPF programs · Andrii Nakryiko <hidden> · 2024-12-12

From: Song Liu <hidden>
Date: 2024-12-11 16:48:16
Also in: bpf, linux-fsdevel, lkml

Hi Ted,

On Dec 11, 2024, at 5:18 AM, Theodore Ts'o [off-list ref] wrote:

On Tue, Dec 10, 2024 at 02:06:21PM -0800, Song Liu wrote:

quoted

Add support to set and remove xattr from BPF program. Also add
security.bpf. xattr name prefix.

If the system allows for the execution of unprivileged BPF programs
(e.g., ones where a random user can load their own BPF programs), will
they have hte ability to set and remove security.bpf.* xattrs?  If the
answer is yes, should this be disallowed?

I note that one of the use cases seems to be BPF-based LSM's, so we
may want to have something even more restrictive since otherwise any
BPF program could potentially have the same power as the LSM?

These kfuncs are only allowed in BPF LSM programs. Therefore, other
program types (tracing, XDP, etc.) cannot use these kfuncs. 

Thanks,
Song

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help