lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <96a00b6f-eb81-4c67-8c4b-6b1f3f045034@app.fastmail.com>
Date: Fri, 19 Jul 2024 16:34:44 +0200
From: "Arnd Bergmann" <arnd@...db.de>
To: "Benjamin Tissoires" <bentiss@...nel.org>,
 "Arnd Bergmann" <arnd@...nel.org>
Cc: "Jiri Kosina" <jikos@...nel.org>, "Alexei Starovoitov" <ast@...nel.org>,
 linux-input@...r.kernel.org, linux-kernel@...r.kernel.org,
 bpf@...r.kernel.org
Subject: Re: [PATCH] hid: bpf: avoid building struct ops without JIT

On Fri, Jul 19, 2024, at 15:52, Benjamin Tissoires wrote:
> On Jul 19 2024, Arnd Bergmann wrote:
>> 
>> This could be avoided by making HID-BPF just depend on JIT, but that
>> is probably not what we want here. Checking the other users of struct_ops,
>> I see that those just leave out the struct_ops usage, so do the same here.
>
> Actually, if we make the struct_ops part only depend on JIT HID-BPF is
> kind of moot. All we could do is use HID-BPF to communicate with the
> device, without getting any feedback, so nothing much more than what
> hidraw provides.
>
> The only "interesting" bit we could do is inject a new event on a device
> as if it were originated from the device itself, but I really do not see
> the point without the struct_ops hooks.
>
> So I think struct_ops is now the base for HID-BPF, and if it's not
> available, we should not have HID-BPF at all.
>

Ok, got it. So my original patch was correct after all.
I had tried this version and then discarded it.

    Arnd

8<------
Subject: [PATCH] hid: bpf: add BPF_JIT dependency

The module does not do anything when the JIT is disabled, but instead
causes a warning:

In file included from include/linux/bpf_verifier.h:7,
                 from drivers/hid/bpf/hid_bpf_struct_ops.c:10:
drivers/hid/bpf/hid_bpf_struct_ops.c: In function 'hid_bpf_struct_ops_init':
include/linux/bpf.h:1853:50: error: statement with no effect [-Werror=unused-value]
 1853 | #define register_bpf_struct_ops(st_ops, type) ({ (void *)(st_ops); 0; })
      |                                                  ^~~~~~~~~~~~~~~~
drivers/hid/bpf/hid_bpf_struct_ops.c:305:16: note: in expansion of macro 'register_bpf_struct_ops'
  305 |         return register_bpf_struct_ops(&bpf_hid_bpf_ops, hid_bpf_ops);
      |                ^~~~~~~~~~~~~~~~~~~~~~~

Add a Kconfig dependency to only allow building the HID-BPF support
when a JIT is enabled.

Fixes: ebc0d8093e8c ("HID: bpf: implement HID-BPF through bpf_struct_ops")
Signed-off-by: Arnd Bergmann <arnd@...db.de>
----
diff --git a/drivers/hid/bpf/Kconfig b/drivers/hid/bpf/Kconfig
index 83214bae6768..d65482e02a6c 100644
--- a/drivers/hid/bpf/Kconfig
+++ b/drivers/hid/bpf/Kconfig
@@ -3,7 +3,7 @@ menu "HID-BPF support"
 
 config HID_BPF
        bool "HID-BPF support"
-       depends on BPF
+       depends on BPF_JIT
        depends on BPF_SYSCALL
        depends on DYNAMIC_FTRACE_WITH_DIRECT_CALLS
        help

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ