lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAPhsuW4F5uyJKa2Gg1QYRy8_FBERgaj=z4smxtjKa5NF_Zac8w@mail.gmail.com>
Date: Thu, 16 Jan 2025 14:56:40 -0800
From: Song Liu <song@...nel.org>
To: Juntong Deng <juntong.deng@...look.com>
Cc: ast@...nel.org, daniel@...earbox.net, john.fastabend@...il.com, 
	andrii@...nel.org, martin.lau@...ux.dev, eddyz87@...il.com, 
	yonghong.song@...ux.dev, kpsingh@...nel.org, sdf@...ichev.me, 
	haoluo@...gle.com, jolsa@...nel.org, memxor@...il.com, tj@...nel.org, 
	void@...ifault.com, bpf@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH bpf-next 2/7] bpf: Add enum bpf_capability

On Thu, Jan 16, 2025 at 11:43 AM Juntong Deng <juntong.deng@...look.com> wrote:
>
> This patch adds enum bpf_capability, currently only for proof
> of concept.
>
> Signed-off-by: Juntong Deng <juntong.deng@...look.com>
> ---
>  include/uapi/linux/bpf.h | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
>
> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> index 2acf9b336371..94c21d4eb786 100644
> --- a/include/uapi/linux/bpf.h
> +++ b/include/uapi/linux/bpf.h
> @@ -1058,6 +1058,21 @@ enum bpf_prog_type {
>         __MAX_BPF_PROG_TYPE
>  };
>
> +enum bpf_capability {
> +       BPF_CAP_NONE = 0,
> +       BPF_CAP_TEST_1,
> +       BPF_CAP_TEST_2,
> +       BPF_CAP_TEST_3,
> +       BPF_CAP_SCX_ANY,
> +       BPF_CAP_SCX_KF_UNLOCKED,
> +       BPF_CAP_SCX_KF_CPU_RELEASE,
> +       BPF_CAP_SCX_KF_DISPATCH,
> +       BPF_CAP_SCX_KF_ENQUEUE,
> +       BPF_CAP_SCX_KF_SELECT_CPU,
> +       BPF_CAP_SCX_KF_REST,
> +       __MAX_BPF_CAP
> +};
> +

I don't think we need to handle these in the core verifier.
Instead, we can put the same logic in:

    fetch_kfunc_meta =>
       btf_kfunc_id_set_contains =>
           __btf_kfunc_id_set_contains =>
              hook_filter->filters[i]()

Thanks,
Song

>  enum bpf_attach_type {
>         BPF_CGROUP_INET_INGRESS,
>         BPF_CGROUP_INET_EGRESS,
> --
> 2.39.5
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ