On Thu, Mar 7, 2024 at 12:51 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > > On Thu, Mar 7, 2024 at 4:55 AM Christian Brauner <brauner@xxxxxxxxxx> wrote: > > > > There's one fundamental question here that we'll need an official answer to: > > > > Is it ok for an out-of-tree BPF LSM program, that nobody has ever seen > > to request access to various helpers in the kernel? > > Phrased in a slightly different way, and a bit more generalized: do we > treat out-of-tree BPF programs the same as we do with out-of-tree > kernel modules? I believe that's the real question, and if we answer > that, we should also have our answer for the internal helper function > question. >From 10k ft view bpf programs may look like kernel modules, but looking closely they are very different. Modules can read/write any data structure and can call any exported function. All modules fall into two categories GPL or not. While bpf progs are divided by program type. Tracing progs can read any kernel memory safely via probe_read_kernel. Networking prog can read/write packets, but cannot read kernel memory. bpf_lsm programs can be called from lsm hooks and call only kfuncs that were explicitly allowlisted to bpf_lsm prog type. Furthermore kfuncs have acquire/release semantics enforced by the verifier. For example, bpf progs can do bpf_rcu_read_lock() which is a wrapper around rcu_read_lock() and the verifier will make sure that bpf_rcu_read_unlock() is called. Under bpf_rcu_read_lock() bpf programs can dereference __rcu tagged fields and the verifier will track them as rcu protected objects until bpf_rcu_read_unlock(). In other words the verifier is doing sparse-on-steroids analysis and enforcing it. Kernel modules are not subject to such enforcement. One more distinction: 99.9% of bpf features require a GPL-ed bpf program. All kfuncs are GPL only.