On Wed, Oct 02, 2024 at 02:46:37PM -0700, Song Liu wrote: > Extend test_progs fs_kfuncs to cover different xattr names. Specifically: > xattr name "user.kfuncs", "security.bpf", and "security.bpf.xxx" can be > read from BPF program with kfuncs bpf_get_[file|dentry]_xattr(); while > "security.bpfxxx" and "security.selinux" cannot be read. So you read code from untrusted user.* xattrs? How can you carve out that space and not known any pre-existing userspace cod uses kfuncs for it's own purpose?
