[...]
> >
> > +BPF_CALL_2(bpf_lsm_set_bprm_opts, struct linux_binprm *, bprm, u64, flags)
> > +{
>
> This should also reject invalid flags. I'd rather change this helper from
> RET_VOID
> to RET_INTEGER and throw -EINVAL for everything other than
> BPF_LSM_F_BPRM_SECUREEXEC
> passed in here including zero so it can be extended in future.
Sounds good, I added:
enum {
BPF_LSM_F_BPRM_SECUREEXEC = (1ULL << 0),
+ /* Mask for all the currently supported BPRM options */
+ BPF_LSM_F_BRPM_OPTS_MASK = 0x1ULL,
};
changed the return type to RET_INTEGER as suggested checking for
invalid flags as:
BPF_CALL_2(bpf_lsm_set_bprm_opts, struct linux_binprm *, bprm, u64, flags)
{
+
+ if (flags & !BPF_LSM_F_BRPM_OPTS_MASK)
+ return -EINVAL;
Do let me know if this is okay and I can spin up a v2 with these changes.
- KP
>
> > + bprm->secureexec = (flags & BPF_LSM_F_BPRM_SECUREEXEC);
> > + return 0;
> > +}
> > +
> > +BTF_ID_LIST_SINGLE(bpf_lsm_set_bprm_opts_btf_ids, struct, linux_binprm)
> > +
> > +const static struct bpf_func_proto bpf_lsm_set_bprm_opts_proto = {
> > + .func = bpf_lsm_set_bprm_opts,
> > + .gpl_only = false,
> > + .ret_type = RET_VOID,
> > + .arg1_type = ARG_PTR_TO_BTF_ID,
> > + .arg1_btf_id = &bpf_lsm_set_bprm_opts_btf_ids[0],
> > + .arg2_type = ARG_ANYTHING,
> > +};
> > +
