The use case is to tag directories with xattr. For example, "user.allow_x" tag on /bin would allow execution of all files under /bin. To achieve this, we start from the security_file_open() hook and read xattr of all the parent directories. 4 kfuncs are added in this set: bpf_get_dentry_xattr bpf_file_dentry bpf_dget_parent bpf_dput The first is used to read xattr from dentry; while the other 3 are used to walk the directory tree. Note that, these functions are only allowed from LSM hooks. Song Liu (2): bpf: Add kfunc bpf_get_dentry_xattr() to read xattr from dentry selftests/bpf: Add tests for bpf_get_dentry_xattr kernel/trace/bpf_trace.c | 60 +++++++++++++++--- .../selftests/bpf/prog_tests/fs_kfuncs.c | 61 +++++++++++++++++-- .../selftests/bpf/progs/test_dentry_xattr.c | 46 ++++++++++++++ .../selftests/bpf/progs/test_get_xattr.c | 16 ++++- 4 files changed, 168 insertions(+), 15 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/test_dentry_xattr.c -- 2.43.0
