lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 21 Jun 2022 15:32:48 -0700
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     Roberto Sassu <roberto.sassu@...wei.com>
Cc:     ast@...nel.org, daniel@...earbox.net, andrii@...nel.org,
        kpsingh@...nel.org, john.fastabend@...il.com,
        songliubraving@...com, kafai@...com, yhs@...com,
        dhowells@...hat.com, keyrings@...r.kernel.org, bpf@...r.kernel.org,
        netdev@...r.kernel.org, linux-kselftest@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 2/5] bpf: Add bpf_lookup_user_key() and bpf_key_put()
 helpers

On Tue, Jun 21, 2022 at 06:37:54PM +0200, Roberto Sassu wrote:
> Add the bpf_lookup_user_key() and bpf_key_put() helpers, to respectively
> search a key with a given serial, and release the reference count of the
> found key.
> 
> Signed-off-by: Roberto Sassu <roberto.sassu@...wei.com>
> ---
>  include/uapi/linux/bpf.h       | 16 ++++++++++++
>  kernel/bpf/bpf_lsm.c           | 46 ++++++++++++++++++++++++++++++++++
>  kernel/bpf/verifier.c          |  6 +++--
>  scripts/bpf_doc.py             |  2 ++
>  tools/include/uapi/linux/bpf.h | 16 ++++++++++++
>  5 files changed, 84 insertions(+), 2 deletions(-)
> 
> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> index e81362891596..7bbcf2cd105d 100644
> --- a/include/uapi/linux/bpf.h
> +++ b/include/uapi/linux/bpf.h
> @@ -5325,6 +5325,20 @@ union bpf_attr {
>   *		**-EACCES** if the SYN cookie is not valid.
>   *
>   *		**-EPROTONOSUPPORT** if CONFIG_IPV6 is not builtin.
> + *
> + * struct key *bpf_lookup_user_key(u32 serial, unsigned long flags)
> + *	Description
> + *		Search a key with a given *serial* and the provided *flags*, and
> + *		increment the reference count of the key.

Why passing 'flags' is ok to do?
Please think through every line of the patch.

Powered by blists - more mailing lists