Hello:
This patch was applied to bpf/bpf-next.git (master)
by Alexei Starovoitov <ast@xxxxxxxxxx>:
On Sat, 3 Dec 2022 12:49:54 -0800 you wrote:
> Martin mentioned that the verifier cannot assume arguments from
> LSM hook sk_alloc_security being trusted since after the hook
> is called, the sk ref_count is set to 1. This will overwrite
> the ref_count changed by the bpf program and may cause ref_count
> underflow later on.
>
> I then further checked some other hooks. For example,
> for bpf_lsm_file_alloc() hook in fs/file_table.c,
>
> [...]
Here is the summary with links:
- [bpf-next] bpf: Do not mark certain LSM hook arguments as trusted
https://git.kernel.org/bpf/bpf-next/c/c0c852dd1876
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
