lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Z0TRc0A6Q8QUxNAe@google.com>
Date: Mon, 25 Nov 2024 19:35:15 +0000
From: Matt Bobrowski <mattbobrowski@...gle.com>
To: Thomas Weißschuh <linux@...ssschuh.net>
Cc: Alexei Starovoitov <alexei.starovoitov@...il.com>,
	KP Singh <kpsingh@...nel.org>, Alexei Starovoitov <ast@...nel.org>,
	Daniel Borkmann <daniel@...earbox.net>,
	Andrii Nakryiko <andrii@...nel.org>,
	Martin KaFai Lau <martin.lau@...ux.dev>,
	Eduard Zingerman <eddyz87@...il.com>, Song Liu <song@...nel.org>,
	Yonghong Song <yonghong.song@...ux.dev>,
	John Fastabend <john.fastabend@...il.com>,
	Stanislav Fomichev <sdf@...ichev.me>, Hao Luo <haoluo@...gle.com>,
	Jiri Olsa <jolsa@...nel.org>, Paul Moore <paul@...l-moore.com>,
	Casey Schaufler <casey@...aufler-ca.com>, bpf <bpf@...r.kernel.org>,
	LKML <linux-kernel@...r.kernel.org>, audit@...r.kernel.org,
	selinux@...r.kernel.org
Subject: Re: [PATCH] bpf, lsm: Fix getlsmprop hooks BTF IDs

On Mon, Nov 25, 2024 at 09:25:24AM +0100, Thomas Weißschuh wrote:
> On 2024-11-24 15:45:04-0800, Alexei Starovoitov wrote:
> > On Sat, Nov 23, 2024 at 2:19 AM Thomas Weißschuh <linux@...ssschuh.net> wrote:
> > >
> > > The hooks got renamed, adapt the BTF IDs.
> > > Fixes the following build warning:
> > >
> > >   BTFIDS  vmlinux
> > > WARN: resolve_btfids: unresolved symbol bpf_lsm_task_getsecid_obj
> > > WARN: resolve_btfids: unresolved symbol bpf_lsm_current_getsecid_subj
> > >
> > > Fixes: 37f670aacd48 ("lsm: use lsm_prop in security_current_getsecid")
> > > Signed-off-by: Thomas Weißschuh <linux@...ssschuh.net>
> > > ---
> > >  kernel/bpf/bpf_lsm.c | 4 ++--
> > >  1 file changed, 2 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/kernel/bpf/bpf_lsm.c b/kernel/bpf/bpf_lsm.c
> > > index 3bc61628ab251e05d7837eb27dabc3b62bcc4783..5be76572ab2e8a0c6e18a81f9e4c14812a11aad2 100644
> > > --- a/kernel/bpf/bpf_lsm.c
> > > +++ b/kernel/bpf/bpf_lsm.c
> > > @@ -375,8 +375,8 @@ BTF_ID(func, bpf_lsm_socket_socketpair)
> > >
> > >  BTF_ID(func, bpf_lsm_syslog)
> > >  BTF_ID(func, bpf_lsm_task_alloc)
> > > -BTF_ID(func, bpf_lsm_current_getsecid_subj)
> > > -BTF_ID(func, bpf_lsm_task_getsecid_obj)
> > > +BTF_ID(func, bpf_lsm_current_getlsmprop_subj)
> > > +BTF_ID(func, bpf_lsm_task_getlsmprop_obj)
> > 
> > Maybe we can remove these two instead?
> > I couldn't come up with a reason for bpf_lsm to attach to these two.
> 
> Personally I have no idea about bps_lsm, how it works or how it is used.
> I only tried to get rid of the warning.
> If you prefer I can drop the IDs.
> 
> In my opinion this is a discussion that would have been better in
> the original patch, if the CI would have caught it.

I agree with Alexei here, we can probably just remove these
instead. ATM, I don't think we could do anything useful with them from
the context of a BPF LSM program anyway.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ