lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <13928754.uLZWGnKmhe@7940hx>
Date: Thu, 15 Jan 2026 16:33:42 +0800
From: Menglong Dong <menglong.dong@...ux.dev>
To: Andrii Nakryiko <andrii.nakryiko@...il.com>
Cc: Menglong Dong <menglong8.dong@...il.com>, ast@...nel.org,
 andrii@...nel.org, daniel@...earbox.net, martin.lau@...ux.dev,
 eddyz87@...il.com, song@...nel.org, yonghong.song@...ux.dev,
 john.fastabend@...il.com, kpsingh@...nel.org, sdf@...ichev.me,
 haoluo@...gle.com, jolsa@...nel.org, davem@...emloft.net, dsahern@...nel.org,
 tglx@...utronix.de, mingo@...hat.com, jiang.biao@...ux.dev, bp@...en8.de,
 dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com,
 bpf@...r.kernel.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next v9 01/11] bpf: add fsession support

On 2026/1/15 02:56 Andrii Nakryiko <andrii.nakryiko@...il.com> write:
> On Tue, Jan 13, 2026 at 6:11 PM Menglong Dong <menglong.dong@...ux.dev> wrote:
> >
> > On 2026/1/14 09:22 Andrii Nakryiko <andrii.nakryiko@...il.com> write:
> > > On Sat, Jan 10, 2026 at 6:11 AM Menglong Dong <menglong8.dong@...il.com> wrote:
> > > >
> > > > The fsession is something that similar to kprobe session. It allow to
> > > > attach a single BPF program to both the entry and the exit of the target
> > > > functions.
> > > >
> > [...]
> > > > --- a/kernel/bpf/btf.c
> > > > +++ b/kernel/bpf/btf.c
> > > > @@ -6107,6 +6107,7 @@ static int btf_validate_prog_ctx_type(struct bpf_verifier_log *log, const struct
> > > >                 case BPF_TRACE_FENTRY:
> > > >                 case BPF_TRACE_FEXIT:
> > > >                 case BPF_MODIFY_RETURN:
> > > > +               case BPF_TRACE_FSESSION:
> > > >                         /* allow u64* as ctx */
> > > >                         if (btf_is_int(t) && t->size == 8)
> > > >                                 return 0;
> > > > @@ -6704,6 +6705,7 @@ bool btf_ctx_access(int off, int size, enum bpf_access_type type,
> > > >                         fallthrough;
> > > >                 case BPF_LSM_CGROUP:
> > > >                 case BPF_TRACE_FEXIT:
> > > > +               case BPF_TRACE_FSESSION:
> > >
> > > According to the comment below we make this exception due to LSM.
> > > FSESSION won't be using FSESSION programs, no? So this is not
> > > necessary?
> >
> > The comment describe the LSM case here, but the code
> > here is not only for LSM. It is also for FEXIT, which makes
> > sure that we can get the return value with "ctx[nr_args]".
> > So I think we still need it here, as we need to access the
> > return value with "ctx[nr_args]" too.
> 
> please update the comment then as well

Hi, Andrii. After deeper analysis, I think the comment is explaining
why LSM doesn't need to check the return value type of the target
kernel function in this code patch, as the target for LSM always
return void or int. So I think the comment has nothing to do with
fsession or fexit, right?

Its position may cause some misunderstanding, and if it is placed
after "cast BPF_LSM_MAC", it maybe more clear. (But it's another thing,
and let's keep it still now)

Thanks!
Menglong Dong

> 
> >
[...]
> >
> >
> >
> >

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ