lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <6072BD6D-6DB8-485A-A7D4-3E790488E0DE@fb.com>
Date: Thu, 19 Dec 2024 22:14:40 +0000
From: Song Liu <songliubraving@...a.com>
To: Song Liu <song@...nel.org>
CC: "bpf@...r.kernel.org" <bpf@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-security-module@...r.kernel.org"
	<linux-security-module@...r.kernel.org>,
        Kernel Team <kernel-team@...a.com>,
        "andrii@...nel.org" <andrii@...nel.org>,
        "ast@...nel.org" <ast@...nel.org>,
        "daniel@...earbox.net" <daniel@...earbox.net>,
        "martin.lau@...ux.dev"
	<martin.lau@...ux.dev>,
        "kpsingh@...nel.org" <kpsingh@...nel.org>,
        "mattbobrowski@...gle.com" <mattbobrowski@...gle.com>,
        "paul@...l-moore.com"
	<paul@...l-moore.com>,
        "jmorris@...ei.org" <jmorris@...ei.org>,
        "serge@...lyn.com" <serge@...lyn.com>,
        "memxor@...il.com" <memxor@...il.com>
Subject: Re: [PATCH v6 bpf-next 0/7] Enable writing xattr from BPF programs

CI found a bug with this. I will resend. Sorry for the noise. 

Song

> On Dec 19, 2024, at 12:25 PM, Song Liu <song@...nel.org> wrote:
> 
> Add support to set and remove xattr from BPF program. Also add
> security.bpf. xattr name prefix.
> 
> kfuncs are added to set and remove xattrs with security.bpf. name
> prefix. Update kfuncs bpf_get_[file|dentry]_xattr to read xattrs
> with security.bpf. name prefix. Note that BPF programs can read
> user. xattrs, but not write and remove them.
> 
> To pick the right version of kfunc to use, a remap logic is added to
> btf_kfunc_id_set. This helps move some kfunc specific logic off the
> verifier core code. Also use this remap logic to select
> bpf_dynptr_from_skb or bpf_dynptr_from_skb_rdonly.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ