On Tue, Oct 15, 2024 at 05:21:48AM +0000, Song Liu wrote: > >> Extend test_progs fs_kfuncs to cover different xattr names. Specifically: > >> xattr name "user.kfuncs", "security.bpf", and "security.bpf.xxx" can be > >> read from BPF program with kfuncs bpf_get_[file|dentry]_xattr(); while > >> "security.bpfxxx" and "security.selinux" cannot be read. > > > > So you read code from untrusted user.* xattrs? How can you carve out > > that space and not known any pre-existing userspace cod uses kfuncs > > for it's own purpose? > > I don't quite follow the comment here. > > Do you mean user.* xattrs are untrusted (any user can set it), so we > should not allow BPF programs to read them? Or do you mean xattr > name "user.kfuncs" might be taken by some use space? All of the above.
