[PATCH bpf-next 00/10] Centralize BPF permission checks

This patch set refactors BPF subsystem permission checks for BPF maps and
programs, localizes them in one place, and ensures all parts of the BPF ecosystem
(BPF verifier and JITs, and their supporting infra) use recorded effective
capabilities, stored in the respective bpf_map or bpf_prog structs, for further
decision making.

This allows for more explicit and centralized handling of BPF-related
capabilities and makes for simpler further BPF permission model evolution, to
be proposed and discussed in follow-up patch sets.

Andrii Nakryiko (10):
  bpf: move unprivileged checks into map_create() and bpf_prog_load()
  bpf: inline map creation logic in map_create() function
  bpf: centralize permissions checks for all BPF map types
  bpf: remember if bpf_map was unprivileged and use that consistently
  bpf: drop unnecessary bpf_capable() check in BPF_MAP_FREEZE command
  bpf: keep BPF_PROG_LOAD permission checks clear of validations
  bpf: record effective capabilities at BPF prog load time
  bpf: use recorded BPF prog effective caps when fetching helper protos
  bpf: use recorded bpf_capable flag in JIT code
  bpf: consistenly use program's recorded capabilities in BPF verifier

 arch/arm/net/bpf_jit_32.c                     |   2 +-
 arch/arm64/net/bpf_jit_comp.c                 |   2 +-
 arch/loongarch/net/bpf_jit.c                  |   2 +-
 arch/mips/net/bpf_jit_comp.c                  |   2 +-
 arch/powerpc/net/bpf_jit_comp.c               |   2 +-
 arch/riscv/net/bpf_jit_core.c                 |   3 +-
 arch/s390/net/bpf_jit_comp.c                  |   3 +-
 arch/sparc/net/bpf_jit_comp_64.c              |   2 +-
 arch/x86/net/bpf_jit_comp.c                   |   3 +-
 arch/x86/net/bpf_jit_comp32.c                 |   2 +-
 drivers/media/rc/bpf-lirc.c                   |   2 +-
 include/linux/bpf.h                           |  32 ++-
 include/linux/filter.h                        |   8 +-
 kernel/bpf/arraymap.c                         |  59 +++--
 kernel/bpf/bloom_filter.c                     |   3 -
 kernel/bpf/bpf_local_storage.c                |   3 -
 kernel/bpf/bpf_struct_ops.c                   |   3 -
 kernel/bpf/cgroup.c                           |   6 +-
 kernel/bpf/core.c                             |  22 +-
 kernel/bpf/cpumap.c                           |   4 -
 kernel/bpf/devmap.c                           |   3 -
 kernel/bpf/hashtab.c                          |   6 -
 kernel/bpf/helpers.c                          |   6 +-
 kernel/bpf/lpm_trie.c                         |   3 -
 kernel/bpf/map_in_map.c                       |   3 +-
 kernel/bpf/queue_stack_maps.c                 |   4 -
 kernel/bpf/reuseport_array.c                  |   3 -
 kernel/bpf/stackmap.c                         |   3 -
 kernel/bpf/syscall.c                          | 218 ++++++++++++------
 kernel/bpf/trampoline.c                       |   2 +-
 kernel/bpf/verifier.c                         |  23 +-
 kernel/trace/bpf_trace.c                      |   2 +-
 net/core/filter.c                             |  36 +--
 net/core/sock_map.c                           |   4 -
 net/ipv4/bpf_tcp_ca.c                         |   2 +-
 net/netfilter/nf_bpf_link.c                   |   2 +-
 net/xdp/xskmap.c                              |   4 -
 .../bpf/prog_tests/unpriv_bpf_disabled.c      |   6 +-
 38 files changed, 280 insertions(+), 215 deletions(-)

-- 
2.34.1



