astly
> simplifies its logic by:
> - rewriting the loading code with BPF skeletons
> - rewriting the server/client code with network helpers
> - rewriting the cgroup code with test__join_cgroup
> - rewriting the error handling code with CHECKs
>
> Signed-off-by: Florent Revest
Acked-by: KP Singh
On Tue, Jan 19, 2021 at 5:00 PM Florent Revest wrote:
>
> This needs a new helper that:
> - can work in a sleepable context (using sock_gen_cookie)
> - takes a struct sock pointer and checks that it's not NULL
>
> Signed-off-by: Florent Revest
Acked-by: KP Singh
art of the test.
>
> Adding a tracing program to the existing objects requires a different
> attachment strategy and different headers.
>
> Signed-off-by: Florent Revest
Acked-by: KP Singh
(one minor note, doesn't really need fixing as a part of this though)
> ---
> .../selftests/
tag when
you resubmit)
Fixes: 8ea636848aca ("bpf: Implement bpf_local_storage for inodes")
Acked-by: KP Singh
> > ---
> > kernel/bpf/bpf_inode_storage.c | 6 +-
> > 1 file changed, 5 insertions(+), 1 deletion(-)
> >
> > diff --git a/kernel/bpf/bpf_i
LED unresolved symbol bpf_lsm_socket_socketpair
>
> To fix the error, conditionally add the networking LSM hooks to the
> sleepable set.
>
> Fixes: 423f16108c9d8 ("bpf: Augment the set of sleepable LSM hooks")
> Signed-off-by: Mikko Ylinen
Thanks!
Acked-by: KP Singh
On Fri, Jan 22, 2021 at 11:33 PM KP Singh wrote:
>
> On Fri, Jan 22, 2021 at 1:32 PM Mikko Ylinen
> wrote:
> >
> > Networking LSM hooks are conditionally enabled and when building the new
> > sleepable BPF LSM hooks with the networking LSM hooks disabled, the
>
LED unresolved symbol bpf_lsm_socket_socketpair
>
> To fix the error, conditionally add the relevant networking/keys
> LSM hooks to the sleepable set.
>
> Fixes: 423f16108c9d8 ("bpf: Augment the set of sleepable LSM hooks")
> Signed-off-by: Mikko Ylinen
Acked-by: KP Singh
On Mon, Jan 25, 2021 at 7:55 AM Mikko Ylinen
wrote:
>
> On Sat, Jan 23, 2021 at 12:50:21AM +0100, KP Singh wrote:
> > On Fri, Jan 22, 2021 at 11:33 PM KP Singh wrote:
> > >
> > > On Fri, Jan 22, 2021 at 1:32 PM Mikko Ylinen
> > > wrote:
> > >
= ACCEPT part. I think it is correct
> by checking code.
>
> Acked-by: Yonghong Song
Thanks for the description!
Acked-by: KP Singh
atch was partially contributed by CyberArk Software, Inc.
>
> Fixes: 457f44363a88 ("bpf: Implement BPF ring buffer and verifier support for
> it")
> Suggested-by: Yonghong Song
> Signed-off-by: Gilad Reti
Acked-by: KP Singh
From: KP Singh
ima_file_hash can be called when there is no iint->ima_hash available
even though the inode exists in the integrity cache. It is fairly
common for a file to not have a hash. (e.g. an mknodat, prior to the
file being closed).
Another example where this can happen (sugges
From: KP Singh
ima_file_hash can be called when there is no iint->ima_hash available
even though the inode exists in the integrity cache.
An example where this can happen (suggested by Jann Horn):
Process A does:
while(1) {
unlink("/tmp/imafoo");
On Wed, Sep 16, 2020 at 6:00 PM Mimi Zohar wrote:
>
> On Wed, 2020-09-16 at 14:49 +0200, KP Singh wrote:
> > From: KP Singh
> >
> > ima_file_hash can be called when there is no iint->ima_hash available
> > even though the inode exists in the integrity cache.
> On Wed, 2020-09-16 at 12:05 +0000, KP Singh wrote:
> > From: KP Singh
> >
> > ima_file_hash can be called when there is no iint->ima_hash available
> > even though the inode exists in the integrity cache.
> >
> > An example where this can happ
From: KP Singh
ima_file_hash can be called when there is no iint->ima_hash available
even though the inode exists in the integrity cache.
An example where this can happen (suggested by Jann Horn):
Process A does:
while(1) {
unlink("/tmp/imafoo");
On 31.07.20 21:02, Martin KaFai Lau wrote:
> On Fri, Jul 31, 2020 at 02:08:55PM +0200, KP Singh wrote:
> [ ... ]
>>>> +const struct bpf_map_ops inode_storage_map_ops = {
[...]
>>
>> btf dump file /sys/kernel/btf/vmlinux | grep "STRUCT 'inode'"
From: KP Singh
Flags/consts:
SK_STORAGE_CREATE_FLAG_MASK BPF_LOCAL_STORAGE_CREATE_FLAG_MASK
BPF_SK_STORAGE_CACHE_SIZE BPF_LOCAL_STORAGE_CACHE_SIZE
MAX_VALUE_SIZE BPF_LOCAL_STORAGE_MAX_VALUE_SIZE
Structs:
bucket bpf_local_storage_map_bucket
From: KP Singh
# v7 -> v8
- Fixed an issue with BTF IDs for helpers and added
bpf_<>_storage_delete to selftests to catch this issue.
- Update comments about refcounts and grabbed a refcount to the open
file for userspace inode helpers.
- Rebase.
# v6 -> v7
- Updated the s
From: KP Singh
A purely mechanical change:
bpf_sk_storage.c = bpf_sk_storage.c + bpf_local_storage.c
bpf_sk_storage.h = bpf_sk_storage.h + bpf_local_storage.h
Signed-off-by: KP Singh
---
include/linux/bpf_local_storage.h | 163
include/net/bpf_sk_storage.h | 61
From: KP Singh
inode_local_storage:
* Hook to the file_open and inode_unlink LSM hooks.
* Create and unlink a temporary file.
* Store some information in the inode's bpf_local_storage during
file_open.
* Verify that this information exists when the file is unlinked.
sk_local_storage:
* Hook
From: KP Singh
Similar to bpf_local_storage for sockets, add local storage for inodes.
The life-cycle of storage is managed with the life-cycle of the inode.
i.e. the storage is destroyed along with the owning inode.
The BPF LSM allocates an __rcu pointer to the bpf_local_storage
From: KP Singh
Provide the ability to define local storage caches on a per-object
type basis. The caches and caching indices for different objects should
not be inter-mixed as suggested in:
https://lore.kernel.org/bpf/20200630193441.kdwnkestulg5e...@kafai-mbp.dhcp.thefacebook.com
From: KP Singh
Refactor the functionality in bpf_sk_storage.c so that concept of
storage linked to kernel objects can be extended to other objects like
inode, task_struct etc.
Each new local storage will still be a separate map and provide its own
set of helpers. This allows for future object
From: KP Singh
Adds support for both bpf_{sk, inode}_storage_{get, delete} to be used
in LSM programs. These helpers are not used for tracing programs
(currently) as their usage is tied to the life-cycle of the object and
should only be used where the owning object won't be freed (when
On 8/3/20 6:46 PM, KP Singh wrote:
> From: KP Singh
>
> # v7 -> v8
>
> - Fixed an issue with BTF IDs for helpers and added
> bpf_<>_storage_delete to selftests to catch this issue.
> - Update comments about refcounts and grabbed a refcount to the open
>
From: KP Singh
A purely mechanical change:
bpf_sk_storage.c = bpf_sk_storage.c + bpf_local_storage.c
bpf_sk_storage.h = bpf_sk_storage.h + bpf_local_storage.h
Signed-off-by: KP Singh
---
include/linux/bpf_local_storage.h | 163
include/net/bpf_sk_storage.h | 61
From: KP Singh
Adds support for both bpf_{sk, inode}_storage_{get, delete} to be used
in LSM programs. These helpers are not used for tracing programs
(currently) as their usage is tied to the life-cycle of the object and
should only be used where the owning object won't be freed (when
From: KP Singh
# v8 -> v9
- Fixed reference count logic for files for inode maps.
- Other fixes suggested by Martin
- Rebase
# v7 -> v8
- Fixed an issue with BTF IDs for helpers and added
bpf_<>_storage_delete to selftests to catch this issue.
- Update comments about refcounts
From: KP Singh
Refactor the functionality in bpf_sk_storage.c so that concept of
storage linked to kernel objects can be extended to other objects like
inode, task_struct etc.
Each new local storage will still be a separate map and provide its own
set of helpers. This allows for future object
From: KP Singh
Similar to bpf_local_storage for sockets, add local storage for inodes.
The life-cycle of storage is managed with the life-cycle of the inode.
i.e. the storage is destroyed along with the owning inode.
The BPF LSM allocates an __rcu pointer to the bpf_local_storage
From: KP Singh
A purely mechanical change to split the renaming from the actual
generalization.
Flags/consts:
SK_STORAGE_CREATE_FLAG_MASK BPF_LOCAL_STORAGE_CREATE_FLAG_MASK
BPF_SK_STORAGE_CACHE_SIZE BPF_LOCAL_STORAGE_CACHE_SIZE
MAX_VALUE_SIZE
From: KP Singh
inode_local_storage:
* Hook to the file_open and inode_unlink LSM hooks.
* Create and unlink a temporary file.
* Store some information in the inode's bpf_local_storage during
file_open.
* Verify that this information exists when the file is unlinked.
sk_local_storage:
* Hook
From: KP Singh
Provide the ability to define local storage caches on a per-object
type basis. The caches and caching indices for different objects should
not be inter-mixed as suggested in:
https://lore.kernel.org/bpf/20200630193441.kdwnkestulg5e...@kafai-mbp.dhcp.thefacebook.com
From: KP Singh
Similar to bpf_local_storage for sockets and inodes add local storage
for task_struct.
The life-cycle of storage is managed with the life-cycle of the
task_struct. i.e. the storage is destroyed along with the owning task
with a callback to the bpf_task_storage_free from
From: KP Singh
The currently available bpf_get_current_task returns an unsigned integer
which can be used along with BPF_CORE_READ to read data from
the task_struct but still cannot be used as an input argument to a
helper that accepts an ARG_PTR_TO_BTF_ID of type task_struct.
In order
From: KP Singh
The test implements a simple MAC policy which denies an executable
from unlinking itself. The LSM program bprm_committed_creds sets a
task_local_storage with a pointer to the inode. This is then used to
detect if the task is trying to unlink itself in the inode_unlink LSM
hook
From: KP Singh
With the BTF pruning of embedded types being fixed, the test
can be simplified to use vmlinux.h
Signed-off-by: KP Singh
---
.../selftests/bpf/progs/local_storage.c | 20 +--
1 file changed, 1 insertion(+), 19 deletions(-)
diff --git a/tools
From: KP Singh
The {inode,sk}_storage_result checking if the correct value was retrieved
was being clobbered unconditionally by the return value of the
bpf_{inode,sk}_storage_delete call.
Fixes: cd324d7abb3d ("bpf: Add selftests for local_storage")
Signed-off-by: KP Singh
---
.
From: KP Singh
We already have socket and inode local storage since [1]
This patch series:
* Implements bpf_local_storage for task_struct.
* Implements the bpf_get_current_task_btf helper which returns a BTF
pointer to the current task. Not only is this generally cleaner
(reading from
d to
> check it for NULLness.
>
> This helper could also be useful to other BPF program types such as LSM.
>
> Signed-off-by: Florent Revest
Acked-by: KP Singh
From: KP Singh
Update the set of sleepable hooks with the ones that do not trigger
a warning with might_fault() when exercised with the correct kernel
config options enabled, i.e.
DEBUG_ATOMIC_SLEEP=y
LOCKDEP=y
PROVE_LOCKING=y
This means that a sleepable LSM eBPF
From: KP Singh
Sleepable hooks are never called from an NMI/interrupt context, so it is
safe to use the bpf_d_path helper in LSM programs attaching to these
hooks.
The helper is not restricted to sleepable programs and merely uses the
list of sleepable hooks as the initial subset of LSM hooks
On Thu, Nov 12, 2020 at 7:48 PM Andrii Nakryiko
wrote:
>
> On Thu, Nov 12, 2020 at 9:20 AM KP Singh wrote:
> >
> > From: KP Singh
> >
> > Update the set of sleepable hooks with the ones that do not trigger
> > a warning with might_fault() when exercise
From: KP Singh
Sleepable hooks are never called from an NMI/interrupt context, so it is
safe to use the bpf_d_path helper in LSM programs attaching to these
hooks.
The helper is not restricted to sleepable programs and merely uses the
list of sleepable hooks as the initial subset of LSM hooks
From: KP Singh
Update the set of sleepable hooks with the ones that do not trigger
a warning with might_fault() when exercised with the correct kernel
config options enabled, i.e.
DEBUG_ATOMIC_SLEEP=y
LOCKDEP=y
PROVE_LOCKING=y
This means that a sleepable LSM eBPF
From: KP Singh
# v1 -> v2
* Fixed typos and formatting errors.
* Added Andrii's ack.
KP Singh (2):
bpf: Augment the set of sleepable LSM hooks
bpf: Expose bpf_d_path helper to sleepable LSM hooks
include/linux/bpf_lsm.h | 7 +++
kernel/bpf/bpf_lsm.c |
On Thu, Nov 12, 2020 at 9:03 PM KP Singh wrote:
>
> From: KP Singh
>
> # v1 -> v2
>
> * Fixed typos and formatting errors.
> * Added Andrii's ack.
Oops, I sent an older patch file which does not have Andrii's ack.
On Thu, Nov 12, 2020 at 11:35 PM Daniel Borkmann wrote:
>
> On 11/12/20 9:03 PM, KP Singh wrote:
> > From: KP Singh
> >
> > Update the set of sleepable hooks with the ones that do not trigger
> > a warning with might_fault() when exercised with the correct kernel
I think you meant to send these as [PATCH bpf-next] for bpf-next.
I guess we can do a round of reviews and update the next revision (if
any) with the correct prefixes.
On Thu, Nov 19, 2020 at 5:27 PM Florent Revest wrote:
>
> From: Florent Revest
>
> Currently, the sock_from_file prototype
do this a new helper
> wrapping sock_from_file is added.
>
> This is useful to tracing programs but also other program types
> inheriting this set of helpers such as iterators or LSM programs.
>
> Signed-off-by: Florent Revest
Acked-by: KP Singh
Some minor comments.
>
On Thu, Nov 19, 2020 at 5:27 PM Florent Revest wrote:
>
> From: Florent Revest
>
> Iterators are currently used to expose kernel information to userspace
> over fast procfs-like files but iterators could also be used to
> manipulate local storage. For example, the task_file iterator could be
>
On Fri, Nov 20, 2020 at 1:32 AM Martin KaFai Lau wrote:
>
> On Thu, Nov 19, 2020 at 05:26:54PM +0100, Florent Revest wrote:
> > From: Florent Revest
> >
> > The eBPF program iterates over all files and tasks. For all socket
> > files, it stores the tgid of the last task it encountered with a
From: KP Singh
# v2 -> v3
* Remove the list of non-sleepable hooks, will send a separate patch
to the lsm list based on the discussion with Daniel.
* Add Andrii's ack for real
# v1 -> v2
* Fixed typos and formatting errors.
* Added Andrii's ack.
KP Singh (2):
bpf: A
From: KP Singh
Sleepable hooks are never called from an NMI/interrupt context, so it is
safe to use the bpf_d_path helper in LSM programs attaching to these
hooks.
The helper is not restricted to sleepable programs and merely uses the
list of sleepable hooks as the initial subset of LSM hooks
From: KP Singh
Update the set of sleepable hooks with the ones that do not trigger
a warning with might_fault() when exercised with the correct kernel
config options enabled, i.e.
DEBUG_ATOMIC_SLEEP=y
LOCKDEP=y
PROVE_LOCKING=y
This means that a sleepable LSM eBPF
Thanks for taking a look!
On Wed, Oct 28, 2020 at 2:13 AM Martin KaFai Lau wrote:
>
> On Tue, Oct 27, 2020 at 06:03:13PM +0100, KP Singh wrote:
> [ ... ]
>
> > diff --git a/kernel/bpf/bpf_task_storage.c b/kernel/bpf/bpf_task_storage.c
> > new file mode 100644
> > in
On Fri, Oct 30, 2020 at 12:12 AM Andrii Nakryiko
wrote:
>
> On Wed, Oct 28, 2020 at 9:17 AM KP Singh wrote:
> >
> > From: KP Singh
> >
> > Similar to bpf_local_storage for sockets and inodes add local storage
> > for task_struct.
> >
> > The life
On Fri, Oct 30, 2020 at 12:28 AM Song Liu wrote:
>
> On Wed, Oct 28, 2020 at 9:17 AM KP Singh wrote:
> >
> > From: KP Singh
> >
> > Similar to bpf_local_storage for sockets and inodes add local storage
> > for task_struct.
> >
> > The
From: KP Singh
This is in preparation to add a helper for BPF LSM programs to use
IMA hashes when attached to LSM hooks. There are LSM hooks like
inode_unlink which do not have a struct file * argument and cannot
use the existing ima_file_hash API.
An inode based API is, therefore, useful
From: KP Singh
- Update the IMA policy before executing the test binary (this is not an
override of the policy, just an append that ensures that hashes are
calculated on executions).
- Call the bpf_ima_inode_hash in the bprm_committed_creds hook and check
if the call succeeded and a hash
From: KP Singh
Provide a wrapper function to get the IMA hash of an inode. This helper
is useful in fingerprinting files (e.g. executables on execution) and
using these fingerprints in detections like an executable unlinking
itself.
Since the ima_inode_hash can sleep, it's only allowed
[...]
> >
> > diff --git a/scripts/bpf_helpers_doc.py b/scripts/bpf_helpers_doc.py
> > index c5bc947a70ad..add7fcb32dcd 100755
> > --- a/scripts/bpf_helpers_doc.py
> > +++ b/scripts/bpf_helpers_doc.py
> > @@ -478,6 +478,7 @@ class PrinterHelpers(Printer):
> > 'struct
[...]
> > + * long bpf_ima_inode_hash(struct inode *inode, void *dst, u32 size)
> > + * Description
> > + * Returns the stored IMA hash of the *inode* (if it's
> > avaialable).
> > + * If the hash is larger than *size*, then only *size*
> > + * bytes will be
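Review bot: "avaialable" in the new bpf_ima_inode_hash description should read "available"; this comment block is what scripts/bpf_helpers_doc.py turns into the bpf-helpers man page, so the typo would ship in the generated documentation. Suggest "Returns the stored IMA hash of the *inode* (if it's available)."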
On Fri, Nov 20, 2020 at 7:11 PM Yonghong Song wrote:
>
>
>
> On 11/20/20 5:17 AM, KP Singh wrote:
> > From: KP Singh
> >
> > - Update the IMA policy before executing the test binary (this is not an
> > override of the policy, just an append that ensur
From: KP Singh
This is in preparation to add a helper for BPF LSM programs to use
IMA hashes when attached to LSM hooks. There are LSM hooks like
inode_unlink which do not have a struct file * argument and cannot
use the existing ima_file_hash API.
An inode based API is, therefore, useful
From: KP Singh
Provide a wrapper function to get the IMA hash of an inode. This helper
is useful in fingerprinting files (e.g. executables on execution) and
using these fingerprints in detections like an executable unlinking
itself.
Since the ima_inode_hash can sleep, it's only allowed
From: KP Singh
- Update the IMA policy before executing the test binary (this is not an
override of the policy, just an append that ensures that hashes are
calculated on executions).
- Call the bpf_ima_inode_hash in the bprm_committed_creds hook and check
if the call succeeded and a hash
From: KP Singh
The helper allows modification of certain bits on the linux_binprm
struct starting with the secureexec bit which can be updated using the
BPF_F_BPRM_SECUREEXEC flag.
secureexec can be set by the LSM for privilege gaining executions to set
the AT_SECURE auxv for glibc. When set
From: KP Singh
The test forks a child process, updates the local storage to set/unset
the secureexec bit.
The BPF program in the test attaches to bprm_creds_for_exec which checks
the local storage of the current task to set the secureexec bit on the
binary parameters (bprm).
The child
On Tue, Nov 17, 2020 at 11:41 PM Daniel Borkmann wrote:
>
> On 11/17/20 3:13 AM, KP Singh wrote:
> > From: KP Singh
> >
> > The helper allows modification of certain bits on the linux_binprm
> > struct starting with the secureexec bit which can be updated using the
From: KP Singh
The test forks a child process, updates the local storage to set/unset
the secureexec bit.
The BPF program in the test attaches to bprm_creds_for_exec which checks
the local storage of the current task to set the secureexec bit on the
binary parameters (bprm).
The child
From: KP Singh
The helper allows modification of certain bits on the linux_binprm
struct starting with the secureexec bit which can be updated using the
BPF_LSM_F_BPRM_SECUREEXEC flag.
secureexec can be set by the LSM for privilege gaining executions to set
the AT_SECURE auxv for glibc. When
[...]
> +
> +#include "vmlinux.h"
> +#include
> +#include
> +#include
> +
> +char _license[] SEC("license") = "GPL";
> +
> +struct {
> + __uint(type, BPF_MAP_TYPE_TASK_STORAGE);
> + __uint(map_flags, BPF_F_NO_PREALLOC);
> + __type(key, int);
> + __type(value, int);
> +}
[...]
> >
> > +BPF_CALL_2(bpf_lsm_set_bprm_opts, struct linux_binprm *, bprm, u64, flags)
> > +{
>
> This should also reject invalid flags. I'd rather change this helper from
> RET_VOID
> to RET_INTEGER and throw -EINVAL for everything other than
> BPF_LSM_F_BPRM_SECUREEXEC
> passed in here
On Mon, Nov 16, 2020 at 11:48 PM KP Singh wrote:
>
> [...]
>
> > >
> > > +BPF_CALL_2(bpf_lsm_set_bprm_opts, struct linux_binprm *, bprm, u64,
> > > flags)
> > > +{
> >
> > This should also reject invalid flags. I'd rather change this helpe
From: KP Singh
The helper allows modification of certain bits on the linux_binprm
struct starting with the secureexec bit which can be updated using the
BPF_LSM_F_BPRM_SECUREEXEC flag.
secureexec can be set by the LSM for privilege gaining executions to set
the AT_SECURE auxv for glibc. When
From: KP Singh
The test forks a child process, updates the local storage to set/unset
the secureexec bit.
The BPF program in the test attaches to bprm_creds_for_exec which checks
the local storage of the current task to set the secureexec bit on the
binary parameters (bprm).
The child
On Tue, Nov 17, 2020 at 1:43 AM Martin KaFai Lau wrote:
>
> On Mon, Nov 16, 2020 at 11:25:36PM +0000, KP Singh wrote:
> > From: KP Singh
> >
> > The test forks a child process, updates the local storage to set/unset
> > the secureexec bit.
> >
>
On Tue, Nov 17, 2020 at 1:11 AM Martin KaFai Lau wrote:
>
> On Mon, Nov 16, 2020 at 11:25:35PM +0000, KP Singh wrote:
> > From: KP Singh
> >
> > The helper allows modification of certain bits on the linux_binprm
> > struct starting with the secureexec
On Tue, Nov 17, 2020 at 3:03 AM KP Singh wrote:
>
> On Tue, Nov 17, 2020 at 1:11 AM Martin KaFai Lau wrote:
> >
> > On Mon, Nov 16, 2020 at 11:25:35PM +0000, KP Singh wrote:
> > > From: KP Singh
> > >
> > > The helper allows modification of certain b
From: KP Singh
The test forks a child process, updates the local storage to set/unset
the secureexec bit.
The BPF program in the test attaches to bprm_creds_for_exec which checks
the local storage of the current task to set the secureexec bit on the
binary parameters (bprm).
The child
From: KP Singh
The helper allows modification of certain bits on the linux_binprm
struct starting with the secureexec bit which can be updated using the
BPF_LSM_F_BPRM_SECUREEXEC flag.
secureexec can be set by the LSM for privilege gaining executions to set
the AT_SECURE auxv for glibc. When
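The two snippets above describe a helper that sets bprm->secureexec from a BPF LSM program and a test whose child is exec'd with that bit set or unset; they only mention that the result surfaces as AT_SECURE in the auxiliary vector. The program below is an added example, not code from the patch series or the kernel selftests: it is the kind of check the exec'd child could run to confirm the bit took effect. It assumes glibc (getauxval() and secure_getenv()), and the environment variable name BPF_LSM_SECUREEXEC_MARKER is invented for the example.

```c
/*
 * Added example, not part of the patch series: what a child process can
 * observe after being exec'd under an LSM that set bprm->secureexec.
 *
 * The kernel exports secureexec to userspace as AT_SECURE=1 in the auxv.
 * glibc then treats the process like a set-uid binary: secure_getenv()
 * returns NULL and loader variables such as LD_PRELOAD are ignored.
 */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/auxv.h>

/* Explicit prototype in case _GNU_SOURCE was not seen by <stdlib.h>. */
extern char *secure_getenv(const char *name);

/* Returns 1 when the kernel marked this exec as secure (AT_SECURE=1). */
int secure_exec_active(void)
{
	return getauxval(AT_SECURE) != 0;
}

/*
 * Returns 1 if `name` is visible through secure_getenv(), 0 if glibc hid
 * it because AT_SECURE is set, -1 if the variable is not set at all.
 */
int secure_env_visible(const char *name)
{
	if (getenv(name) == NULL)
		return -1;
	return secure_getenv(name) != NULL;
}

/*
 * Sets a marker variable (name made up for this example) and checks the
 * invariant a test child would assert on: under AT_SECURE the marker must
 * be hidden from secure_getenv(), otherwise it must be visible.
 * Returns 1 when the observed state is consistent, 0 otherwise.
 */
int secureexec_state_consistent(void)
{
	const char *marker = "BPF_LSM_SECUREEXEC_MARKER"; /* hypothetical */
	int secure, visible;

	if (setenv(marker, "1", 1) != 0)
		return 0;
	secure = secure_exec_active();
	visible = secure_env_visible(marker);
	unsetenv(marker);

	return secure ? (visible == 0) : (visible == 1);
}

int main(void)
{
	int secure = secure_exec_active();

	printf("AT_SECURE=%d (%s)\n", secure,
	       secure ? "LSM or set-uid marked this exec secure" : "normal exec");
	printf("glibc state consistent with AT_SECURE: %s\n",
	       secureexec_state_consistent() ? "yes" : "no");
	return 0;
}
```

Run it directly and AT_SECURE should be 0; run the same binary as the child of a test that sets the secureexec bit through the LSM program, or as a set-uid binary, and it reports 1 with the marker hidden from secure_getenv().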
On Mon, Nov 23, 2020 at 2:24 PM Mimi Zohar wrote:
>
> On Sat, 2020-11-21 at 00:50 +0000, KP Singh wrote:
> > From: KP Singh
> >
> > - Update the IMA policy before executing the test binary (this is not an
> > override of the policy, just an append that ensures th
[...]
> > >
> > > Even if a custom policy has been loaded, potentially additional
> > > measurements unrelated to this test would be included in the measurement
> > > list. One way of limiting a rule to a specific test is by loopback
> > > mounting a file system and defining a policy rule based on
On Mon, Nov 23, 2020 at 7:36 PM Yonghong Song wrote:
>
>
>
> On 11/23/20 10:27 AM, KP Singh wrote:
> > [...]
> >
> >>>>
> >>>> Even if a custom policy has been loaded, potentially additional
> >>>> measurements unrelated
On Tue, Nov 24, 2020 at 5:02 AM Alexei Starovoitov
wrote:
>
> On Fri, Nov 20, 2020 at 01:17:07PM +0000, KP Singh wrote:
> > +
> > +static bool bpf_ima_inode_hash_allowed(const struct bpf_prog *prog)
> > +{
> > + return bpf_lsm_is_sleepable
[...]
> > + exit(errno);
>
> Running test_progs-no-alu32, the test failed as:
>
> root@arch-fb-vm1:~/net-next/net-next/tools/testing/selftests/bpf
> ./test_progs-no_alu32 -t test_ima
Note to self: Also start testing test_progs-no_alu32
>
> sh: ./ima_setup.sh: No such file or
ialize a socket local storage with associations between
> processes and sockets or to selectively delete local storage values.
>
> Signed-off-by: Florent Revest
> Acked-by: Martin KaFai Lau
Acked-by: KP Singh
> This patch simplifies the API by letting callers deduce the error based
> on whether the returned socket is NULL or not.
>
> Suggested-by: Al Viro
> Signed-off-by: Florent Revest
Reviewed-by: KP Singh
[...]
> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> index c3458ec1f30a..670998635eac 100644
> --- a/include/uapi/linux/bpf.h
> +++ b/include/uapi/linux/bpf.h
> @@ -3817,6 +3817,21 @@ union bpf_attr {
> * The **hash_algo** is returned on success,
> *
On Fri, Nov 27, 2020 at 8:35 AM Yonghong Song wrote:
>
>
>
> On 11/26/20 8:57 AM, Florent Revest wrote:
> > This helper exposes the kallsyms_lookup function to eBPF tracing
> > programs. This can be used to retrieve the name of the symbol at an
> > address. For example, when hooking into
On Fri, Nov 27, 2020 at 5:29 AM Andrii Nakryiko
wrote:
>
> On Tue, Nov 24, 2020 at 7:16 AM KP Singh wrote:
> >
> > From: KP Singh
> >
[...]
>
> > +cleanup() {
> > +local tmp_dir="$1"
> > +local mount_img="${tmp
On Tue, Nov 24, 2020 at 12:04 PM KP Singh wrote:
>
> On Tue, Nov 24, 2020 at 5:02 AM Alexei Starovoitov
> wrote:
> >
> > On Fri, Nov 20, 2020 at 01:17:07PM +0000, KP Singh wrote:
> > > +
> > > +static bool bpf_ima_inode_hash_allowed(const struct bpf_
From: KP Singh
Provide a wrapper function to get the IMA hash of an inode. This helper
is useful in fingerprinting files (e.g. executables on execution) and
using these fingerprints in detections like an executable unlinking
itself.
Since the ima_inode_hash can sleep, it's only allowed
From: KP Singh
The test does the following:
- Mounts a loopback filesystem and appends the IMA policy to measure
executions only on this file-system. Restricting the IMA policy to a
particular filesystem prevents a system-wide IMA policy change.
- Executes an executable copied
From: KP Singh
# v2 -> v3
- Fixed an issue pointed out by Alexei, the helper should only be
exposed to sleepable hooks.
- Update the selftests to constrain the IMA policy update to a loopback
filesystem specifically created for the test. Also, split this out
from the LSM test. I drop
From: KP Singh
This is in preparation to add a helper for BPF LSM programs to use
IMA hashes when attached to LSM hooks. There are LSM hooks like
inode_unlink which do not have a struct file * argument and cannot
use the existing ima_file_hash API.
An inode based API is, therefore, useful
On Wed, Nov 25, 2020 at 3:20 AM Mimi Zohar wrote:
>
> On Tue, 2020-11-24 at 15:12 +0000, KP Singh wrote:
> > diff --git a/tools/testing/selftests/bpf/ima_setup.sh
> > b/tools/testing/selftests/bpf/ima_setup.sh
> > new file mode 100644
> > index ..
On Tue, Nov 24, 2020 at 6:35 PM Yonghong Song wrote:
>
>
>
> On 11/24/20 7:12 AM, KP Singh wrote:
> > From: KP Singh
> >
> > This is in preparation to add a helper for BPF LSM programs to use
> > IMA hashes when attached to LSM hooks. There are LSM hooks lik
On Thu, Nov 5, 2020 at 11:03 PM Martin KaFai Lau wrote:
>
> On Thu, Nov 05, 2020 at 03:47:54PM +0100, KP Singh wrote:
> > From: KP Singh
> >
> > The test exercises the syscall based map operations by creating a pidfd
> > for the current process.
> >