Re: [PATCH v2 02/13] bpf: Implement exclusive map creation

[PATCH v2 00/13] Signed BPF programs · KP Singh <kpsingh@kernel.org> · 2025-07-21
[PATCH v2 01/13] bpf: Update the bpf_prog_calc_tag to use SHA256 · KP Singh <kpsingh@kernel.org> · 2025-07-21
[PATCH v2 02/13] bpf: Implement exclusive map creation · KP Singh <kpsingh@kernel.org> · 2025-07-21
Re: [PATCH v2 02/13] bpf: Implement exclusive map creation · Fan Wu <wufan@kernel.org> · 2025-07-29
Re: [PATCH v2 02/13] bpf: Implement exclusive map creation · KP Singh <kpsingh@kernel.org> · 2025-08-11
[PATCH v2 03/13] libbpf: Implement SHA256 internal helper · KP Singh <kpsingh@kernel.org> · 2025-07-21
[PATCH v2 04/13] libbpf: Support exclusive map creation · KP Singh <kpsingh@kernel.org> · 2025-07-21
Re: [PATCH v2 04/13] libbpf: Support exclusive map creation · Alexei Starovoitov <hidden> · 2025-07-29
Re: [PATCH v2 04/13] libbpf: Support exclusive map creation · KP Singh <kpsingh@kernel.org> · 2025-08-11
[PATCH v2 05/13] selftests/bpf: Add tests for exclusive maps · KP Singh <kpsingh@kernel.org> · 2025-07-21
[PATCH v2 06/13] bpf: Return hashes of maps in BPF_OBJ_GET_INFO_BY_FD · KP Singh <kpsingh@kernel.org> · 2025-07-21
[PATCH v2 07/13] bpf: Move the signature kfuncs to helpers.c · KP Singh <kpsingh@kernel.org> · 2025-07-21
Re: [PATCH v2 07/13] bpf: Move the signature kfuncs to helpers.c · James Bottomley <James.Bottomley@HansenPartnership.com> · 2025-07-23
[PATCH v2 08/13] bpf: Implement signature verification for BPF programs · KP Singh <kpsingh@kernel.org> · 2025-07-21
Re: [PATCH v2 08/13] bpf: Implement signature verification for BPF programs · James Bottomley <James.Bottomley@HansenPartnership.com> · 2025-07-23
Re: [PATCH v2 08/13] bpf: Implement signature verification for BPF programs · KP Singh <kpsingh@kernel.org> · 2025-07-24
Re: [PATCH v2 08/13] bpf: Implement signature verification for BPF programs · Dan Carpenter <hidden> · 2025-07-31
Re: [PATCH v2 08/13] bpf: Implement signature verification for BPF programs · KP Singh <kpsingh@kernel.org> · 2025-08-11
Re: [PATCH v2 08/13] bpf: Implement signature verification for BPF programs · Blaise Boscaccy <hidden> · 2025-08-05
Re: [PATCH v2 08/13] bpf: Implement signature verification for BPF programs · Paul Moore <paul@paul-moore.com> · 2025-08-13
[PATCH v2 09/13] libbpf: Update light skeleton for signing · KP Singh <kpsingh@kernel.org> · 2025-07-21
[PATCH v2 10/13] libbpf: Embed and verify the metadata hash in the loader · KP Singh <kpsingh@kernel.org> · 2025-07-21
[PATCH v2 11/13] bpftool: Add support for signing BPF programs · KP Singh <kpsingh@kernel.org> · 2025-07-21
Re: [PATCH v2 11/13] bpftool: Add support for signing BPF programs · Quentin Monnet <qmo@kernel.org> · 2025-07-22
Re: [PATCH v2 11/13] bpftool: Add support for signing BPF programs · KP Singh <kpsingh@kernel.org> · 2025-07-24
Re: [PATCH v2 11/13] bpftool: Add support for signing BPF programs · KP Singh <kpsingh@kernel.org> · 2025-08-11
Re: [PATCH v2 11/13] bpftool: Add support for signing BPF programs · Quentin Monnet <qmo@kernel.org> · 2025-08-11
[PATCH v2 12/13] selftests/bpf: Enable signature verification for all lskel tests · KP Singh <kpsingh@kernel.org> · 2025-07-21
Re: [PATCH v2 12/13] selftests/bpf: Enable signature verification for all lskel tests · Alexei Starovoitov <hidden> · 2025-07-29
Re: [PATCH v2 12/13] selftests/bpf: Enable signature verification for all lskel tests · KP Singh <kpsingh@kernel.org> · 2025-08-11
[PATCH v2 13/13] selftests/bpf: Add test for signed programs · KP Singh <kpsingh@kernel.org> · 2025-07-21
Re: [PATCH v2 13/13] selftests/bpf: Add test for signed programs · Alexei Starovoitov <hidden> · 2025-07-29
Re: [PATCH v2 13/13] selftests/bpf: Add test for signed programs · KP Singh <kpsingh@kernel.org> · 2025-08-11

From: Fan Wu <wufan@kernel.org>
Date: 2025-07-29 22:59:16
Also in: bpf

On Mon, Jul 21, 2025 at 2:35 PM KP Singh [off-list ref] wrote:

Exclusive maps allow maps to only be accessed by program with a
program with a matching hash which is specified in the excl_prog_hash
attr.

For the signing use-case, this allows the trusted loader program
to load the map and verify the integrity

Signed-off-by: KP Singh <kpsingh@kernel.org>
---
 include/linux/bpf.h            |  1 +
 include/uapi/linux/bpf.h       |  2 ++
 kernel/bpf/syscall.c           | 32 ++++++++++++++++++++++++++++----
 kernel/bpf/verifier.c          |  6 ++++++
 tools/include/uapi/linux/bpf.h |  2 ++
 5 files changed, 39 insertions(+), 4 deletions(-)

...

quoted hunk ↗ jump to hunk

-static int map_create(union bpf_attr *attr, bool kernel)
+static int map_create(union bpf_attr *attr, bpfptr_t uattr)
 {
        const struct bpf_map_ops *ops;
        struct bpf_token *token = NULL;

@@ -1527,7 +1528,30 @@ static int map_create(union bpf_attr *attr, bool kernel)
                        attr->btf_vmlinux_value_type_id;
        }

-       err = security_bpf_map_create(map, attr, token, kernel);
+       if (attr->excl_prog_hash) {
+               bpfptr_t uprog_hash = make_bpfptr(attr->excl_prog_hash, uattr.is_kernel);
+
+               map->excl_prog_sha = kzalloc(SHA256_DIGEST_SIZE, GFP_KERNEL);
+               if (!map->excl_prog_sha) {
+                       err = -ENOMEM;
+                       goto free_map;
+               }
+
+               if (attr->excl_prog_hash_size != SHA256_DIGEST_SIZE) {
+                       err = -EINVAL;
+                       goto free_map;
+               }

Nit: Maybe check the size first to avoid unncessary kzalloc?

-Fan

+
+               if (copy_from_bpfptr(map->excl_prog_sha, uprog_hash,
+                                    SHA256_DIGEST_SIZE)) {
+                       err = -EFAULT;
+                       goto free_map;
+               }
+       } else if (attr->excl_prog_hash_size) {
+               return -EINVAL;
+       }
+
+       err = security_bpf_map_create(map, attr, token, uattr.is_kernel);
        if (err)
                goto free_map_sec;

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help