Re: [PATCH bpf-next v1 02/13] bpf: lsm: Add a skeleton and config options

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH bpf-next v1 02/13] bpf: lsm: Add a skeleton and config options
From: James Morris <jmorris@xxxxxxxxx>
Date: Wed, 8 Jan 2020 08:13:16 +1100 (AEDT)
Cc: linux-kernel@xxxxxxxxxxxxxxx, bpf@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, Alexei Starovoitov <ast@xxxxxxxxxx>, Daniel Borkmann <daniel@xxxxxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Thomas Garnier <thgarnie@xxxxxxxxxxxx>, Michael Halcrow <mhalcrow@xxxxxxxxxx>, Paul Turner <pjt@xxxxxxxxxx>, Brendan Gregg <brendan.d.gregg@xxxxxxxxx>, Jann Horn <jannh@xxxxxxxxxx>, Matthew Garrett <mjg59@xxxxxxxxxx>, Christian Brauner <christian@xxxxxxxxxx>, Mickaël Salaün <mic@xxxxxxxxxxx>, Florent Revest <revest@xxxxxxxxxxxx>, Brendan Jackman <jackmanb@xxxxxxxxxxxx>, Martin KaFai Lau <kafai@xxxxxx>, Song Liu <songliubraving@xxxxxx>, Yonghong Song <yhs@xxxxxx>, "Serge E. Hallyn" <serge@xxxxxxxxxx>, Mauro Carvalho Chehab <mchehab+samsung@xxxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxxxxx>, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>, Nicolas Ferre <nicolas.ferre@xxxxxxxxxxxxx>, Stanislav Fomichev <sdf@xxxxxxxxxx>, Quentin Monnet <quentin.monnet@xxxxxxxxxxxxx>, Andrey Ignatov <rdna@xxxxxx>, Joe Stringer <joe@xxxxxxxxxxx>
In-reply-to: <20191220154208.15895-3-kpsingh@chromium.org>
User-agent: Alpine 2.21 (LRH 202 2017-01-01)

On Fri, 20 Dec 2019, KP Singh wrote:

> From: KP Singh <kpsingh@xxxxxxxxxx>
> 
> The LSM can be enabled by CONFIG_SECURITY_BPF.
> Without CONFIG_SECURITY_BPF_ENFORCE, the LSM will run the
> attached eBPF programs but not enforce MAC policy based
> on the return value of the attached programs.
> 
> Signed-off-by: KP Singh <kpsingh@xxxxxxxxxx>


Reviewed-by: James Morris <jamorris@xxxxxxxxxxxxxxxxxxx>


-- 
James Morris
<jmorris@xxxxxxxxx>

References:
- [PATCH bpf-next v1 00/13] MAC and Audit policy using eBPF (KRSI)
  - From: KP Singh
- [PATCH bpf-next v1 02/13] bpf: lsm: Add a skeleton and config options
  - From: KP Singh

Prev by Date: Re: [PATCH bpf-next v3 06/11] bpf: Introduce BPF_MAP_TYPE_STRUCT_OPS
Next by Date: RE: [PATCH bpf-next v2 7/8] xdp: remove map_to_flush and map swap detection
Previous by thread: [PATCH bpf-next v1 02/13] bpf: lsm: Add a skeleton and config options
Next by thread: [PATCH bpf-next v1 11/13] tools/libbpf: Add bpf_program__attach_lsm
Index(es):
- Date
- Thread

[Index of Archives] [Linux Samsung SoC] [Linux Rockchip SoC] [Linux Actions SoC] [Linux for Synopsys ARC Processors] [Linux NFS] [Linux NILFS] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI]