From: Matteo Croce <mcroce@xxxxxxxxxxxxx>

Add a field in bpf_attr which contains a signature for the eBPF
instructions. The signature is validated in bpf_prog_load() in a similar
way as kernel modules are checked in load_module().
This only works with CO-RE programs.

The signature is generated by bpftool and embedded into the light
skeleton along with the instructions.
The bpftool crypto code is based on sign-file, supports the same
interface, and is compiled only if libcrypto is available, to avoid
potential breaks.

Possible improvements:
- Add a knob which makes the signature check mandatory, similarly to
  CONFIG_MODULE_SIG_FORCE
- Add a dedicated key_being_used_for type instead of using
  VERIFYING_MODULE_SIGNATURE, e.g. VERIFYING_BPF_SIGNATURE

This depends on the kernel side co-re relocation[1].

[1] https://lore.kernel.org/bpf/20210917215721.43491-1-alexei.starovoitov@xxxxxxxxx/

Matteo Croce (2):
  bpf: add signature to eBPF instructions
  bpftool: add signature in skeleton

 include/uapi/linux/bpf.h       |   2 +
 kernel/bpf/syscall.c           |  33 ++++-
 tools/bpf/bpftool/Makefile     |  14 ++-
 tools/bpf/bpftool/gen.c        |  33 +++++
 tools/bpf/bpftool/main.c       |  28 +++++
 tools/bpf/bpftool/main.h       |   7 ++
 tools/bpf/bpftool/sign.c       | 217 +++++++++++++++++++++++++++++++++
 tools/include/uapi/linux/bpf.h |   2 +
 tools/lib/bpf/skel_internal.h  |   4 +
 9 files changed, 336 insertions(+), 4 deletions(-)
 create mode 100644 tools/bpf/bpftool/sign.c

-- 
2.33.0