Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs

[PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 04/18] bpf-preload: Export and call bpf_obj_do_pin_kernel() · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 03/18] bpf-preload: Generalize object pinning from the kernel · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 01/18] bpf: Export bpf_link_inc() · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 02/18] bpf-preload: Move bpf_preload.h to include/linux · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 05/18] bpf-preload: Generate static variables · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
Re: [PATCH 05/18] bpf-preload: Generate static variables · Andrii Nakryiko <hidden> · 2022-03-29
RE: [PATCH 05/18] bpf-preload: Generate static variables · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-30
Re: [PATCH 05/18] bpf-preload: Generate static variables · Andrii Nakryiko <hidden> · 2022-04-04
RE: [PATCH 05/18] bpf-preload: Generate static variables · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-30
[PATCH 06/18] bpf-preload: Generate free_objs_and_skel() · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 07/18] bpf-preload: Generate preload() · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 08/18] bpf-preload: Generate load_skel() · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 09/18] bpf-preload: Generate code to pin non-internal maps · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 11/18] bpf-preload: Store multiple bpf_preload_ops structures in a linked list · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 12/18] bpf-preload: Implement new registration method for preloading eBPF programs · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 13/18] bpf-preload: Move pinned links and maps to a dedicated directory in bpffs · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 10/18] bpf-preload: Generate bpf_preload_ops · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 14/18] bpf-preload: Switch to new preload registration method · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
Re: [PATCH 14/18] bpf-preload: Switch to new preload registration method · kernel test robot <hidden> · 2022-03-29
Re: [PATCH 14/18] bpf-preload: Switch to new preload registration method · kernel test robot <hidden> · 2022-03-29
[PATCH 15/18] bpf-preload: Generate code of kernel module to preload · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 16/18] bpf-preload: Do kernel mount to ensure that pinned objects don't disappear · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
Re: [PATCH 16/18] bpf-preload: Do kernel mount to ensure that pinned objects don't disappear · kernel test robot <hidden> · 2022-03-29
Re: [PATCH 16/18] bpf-preload: Do kernel mount to ensure that pinned objects don't disappear · kernel test robot <hidden> · 2022-03-29
[PATCH 18/18] bpf-preload/selftests: Preload a test eBPF program and check pinned objects · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
[PATCH 17/18] bpf-preload/selftests: Add test for automatic generation of preload methods · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-28
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Andrii Nakryiko <hidden> · 2022-03-29
RE: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-30
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Alexei Starovoitov <hidden> · 2022-03-31
RE: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Roberto Sassu <roberto.sassu@huawei.com> · 2022-03-31
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Alexei Starovoitov <hidden> · 2022-04-01
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · KP Singh <kpsingh@kernel.org> · 2022-04-02
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Djalal Harouni <hidden> · 2022-04-04
RE: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Roberto Sassu <roberto.sassu@huawei.com> · 2022-04-04
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Alexei Starovoitov <hidden> · 2022-04-04
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · KP Singh <kpsingh@kernel.org> · 2022-04-05
[POC][USER SPACE][PATCH] Introduce LSM to protect pinned objects · Roberto Sassu <roberto.sassu@huawei.com> · 2022-04-05
Re: [POC][USER SPACE][PATCH] Introduce LSM to protect pinned objects · Casey Schaufler <casey@schaufler-ca.com> · 2022-04-06
RE: [POC][USER SPACE][PATCH] Introduce LSM to protect pinned objects · Roberto Sassu <roberto.sassu@huawei.com> · 2022-04-06
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Casey Schaufler <casey@schaufler-ca.com> · 2022-04-05
RE: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Roberto Sassu <roberto.sassu@huawei.com> · 2022-04-06
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Casey Schaufler <casey@schaufler-ca.com> · 2022-04-06
Re: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · KP Singh <kpsingh@kernel.org> · 2022-04-06
RE: [PATCH 00/18] bpf: Secure and authenticated preloading of eBPF programs · Roberto Sassu <roberto.sassu@huawei.com> · 2022-04-04

From: Djalal Harouni <hidden>
Date: 2022-04-04 07:45:31
Also in: bpf, linux-arm-kernel, linux-doc, linux-fsdevel, linux-integrity, linux-kselftest, linux-security-module, lkml

On Sun, Apr 3, 2022 at 5:42 PM KP Singh [off-list ref] wrote:

On Sat, Apr 2, 2022 at 1:55 AM Alexei Starovoitov
[off-list ref] wrote:

...

quoted

Pinning
them to unreachable inodes intuitively looked the
way to go for achieving the stated goal.

We can consider inodes in bpffs that are not unlinkable by root
in the future, but certainly not for this use case.

Can this not be already done by adding a BPF_LSM program to the
inode_unlink LSM hook?

Also, beside of the inode_unlink... and out of curiosity: making sysfs/bpffs/
readonly after pinning, then using bpf LSM hooks sb_mount|remount|unmount...
family combining bpf() LSM hook... isn't this enough to:
1. Restrict who can pin to bpffs without using a full MAC
2. Restrict who can delete or unmount bpf filesystem

?

-- 
https://djalal.opendz.org/

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help