On Tue, Jun 28, 2022 at 07:21:42PM +0200, KP Singh wrote: > On Tue, Jun 28, 2022 at 7:20 PM KP Singh <kpsingh@xxxxxxxxxx> wrote: > > On Tue, Jun 28, 2022 at 7:13 PM Christian Brauner <brauner@xxxxxxxxxx> wrote: > > > On Tue, Jun 28, 2022 at 04:19:43PM +0000, KP Singh wrote: > > > > v4 -> v5 > > > > > > > > - Fixes suggested by Andrii > > > > > > > > v3 -> v4 > > > > > > > > - Fixed issue incorrect increment of arg counter > > > > - Removed __weak and noinline from kfunc definiton > > > > - Some other minor fixes. > > > > > > > > v2 -> v3 > > > > > > > > - Fixed missing prototype error > > > > - Fixes suggested by other Joanne and Kumar. > > > > > > > > v1 -> v2 > > > > > > > > - Used kfuncs as suggested by Alexei > > > > - Used Benjamin Tissoires' patch from the HID v4 series to add a > > > > sleepable kfunc set (I sent the patch as a part of this series as it > > > > seems to have been dropped from v5) and acked it. Hope this is okay. > > > > - Added support for verifying string constants to kfuncs > > > > > > Hm, I mean this isn't really giving any explanation as to why you are > > > doing this. There's literally not a single sentence about the rationale? > > > Did you accidently forget to put that into the cover letter? :) > > > > > > Yes, actually I did forget to copy paste :) > > > > Foundation for building more complex security policies using the > > BPF LSM as presented in LSF/MM/BPF: > > > > http://vger.kernel.org/bpfconf2022_material/lsfmmbpf2022-xattr.pdf\ > > And my copy paste skills are getting worse (with the back-slash removed): > > http://vger.kernel.org/bpfconf2022_material/lsfmmbpf2022-xattr.pdf There's literally zero information in that link, so I still have no clue on what this does and how it interacts with filesystem xattr code. So for those of us who have zero clue as to what you are trying to do, please write a cover letter containing a non-zero amount of information. i.e. a description of the problem, the threat model being addressed, the design of the infrastructure that needs this hook, document assumptions that have been made (e.g. for accessing inode metadata atomically from random bpf contexts), what xattr namespace(s) this hook should belong/be constrained to, whether you're going to ask for a setxattr hook next, etc. At minimum this is going to need a bunch of documentation for people to understand how to use this - where can I find that? Cheers, Dave. -- Dave Chinner david@xxxxxxxxxxxxx
