lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <t2kq5rb2lftun7fugy2w4fkxq5bn25q7gepyrqg2jkyahkockh@3jaj7gt33s6v>
Date: Mon, 22 Jul 2024 18:10:08 +0200
From: Benjamin Tissoires <bentiss@...nel.org>
To: Arnd Bergmann <arnd@...db.de>
Cc: Arnd Bergmann <arnd@...nel.org>, Jiri Kosina <jikos@...nel.org>, 
	Alexei Starovoitov <ast@...nel.org>, linux-input@...r.kernel.org, linux-kernel@...r.kernel.org, 
	bpf@...r.kernel.org
Subject: Re: [PATCH] hid: bpf: avoid building struct ops without JIT

On Jul 19 2024, Arnd Bergmann wrote:
> On Fri, Jul 19, 2024, at 15:52, Benjamin Tissoires wrote:
> > On Jul 19 2024, Arnd Bergmann wrote:
> >> 
> >> This could be avoided by making HID-BPF just depend on JIT, but that
> >> is probably not what we want here. Checking the other users of struct_ops,
> >> I see that those just leave out the struct_ops usage, so do the same here.
> >
> > Actually, if we make the struct_ops part only depend on JIT HID-BPF is
> > kind of moot. All we could do is use HID-BPF to communicate with the
> > device, without getting any feedback, so nothing much more than what
> > hidraw provides.
> >
> > The only "interesting" bit we could do is inject a new event on a device
> > as if it were originated from the device itself, but I really do not see
> > the point without the struct_ops hooks.
> >
> > So I think struct_ops is now the base for HID-BPF, and if it's not
> > available, we should not have HID-BPF at all.
> >
> 
> Ok, got it. So my original patch was correct after all.
> I had tried this version and then discarded it.
> 
>     Arnd
> 
> 8<------
> Subject: [PATCH] hid: bpf: add BPF_JIT dependency
> 
> The module does not do anything when the JIT is disabled, but instead
> causes a warning:
> 
> In file included from include/linux/bpf_verifier.h:7,
>                  from drivers/hid/bpf/hid_bpf_struct_ops.c:10:
> drivers/hid/bpf/hid_bpf_struct_ops.c: In function 'hid_bpf_struct_ops_init':
> include/linux/bpf.h:1853:50: error: statement with no effect [-Werror=unused-value]
>  1853 | #define register_bpf_struct_ops(st_ops, type) ({ (void *)(st_ops); 0; })
>       |                                                  ^~~~~~~~~~~~~~~~
> drivers/hid/bpf/hid_bpf_struct_ops.c:305:16: note: in expansion of macro 'register_bpf_struct_ops'
>   305 |         return register_bpf_struct_ops(&bpf_hid_bpf_ops, hid_bpf_ops);
>       |                ^~~~~~~~~~~~~~~~~~~~~~~
> 
> Add a Kconfig dependency to only allow building the HID-BPF support
> when a JIT is enabled.
> 
> Fixes: ebc0d8093e8c ("HID: bpf: implement HID-BPF through bpf_struct_ops")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ----
> diff --git a/drivers/hid/bpf/Kconfig b/drivers/hid/bpf/Kconfig
> index 83214bae6768..d65482e02a6c 100644
> --- a/drivers/hid/bpf/Kconfig
> +++ b/drivers/hid/bpf/Kconfig
> @@ -3,7 +3,7 @@ menu "HID-BPF support"
>  
>  config HID_BPF
>         bool "HID-BPF support"
> -       depends on BPF
> +       depends on BPF_JIT
>         depends on BPF_SYSCALL
>         depends on DYNAMIC_FTRACE_WITH_DIRECT_CALLS
>         help

Thanks. I've applied this patch to for-6.11/upstream-fixes in the HID
tree.

Cheers,
Benjamin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ