For future patches, please use git-format-patch with --subject-prefix
option and specify target tree (bpf vs. bpf-next vs. bpf-next) and
patchset version. For this version of the patchset the subject prefix
should be "PATCH v3 bpf-next".

On Mon, Mar 3, 2025 at 2:24 PM Blaise Boscaccy <bboscaccy@xxxxxxxxxxxxxxxxxxx> wrote:
>
> Certain bpf syscall subcommands are available for usage from both
> userspace and the kernel. LSM modules or eBPF gatekeeper programs may
> need to take a different course of action depending on whether or not
> a BPF syscall originated from the kernel or userspace.
>
> Additionally, some of the bpf_attr struct fields contain pointers to
> arbitrary memory. Currently the functionality to determine whether or
> not a pointer refers to kernel memory or userspace memory is exposed
> to the bpf verifier, but that information is missing from various LSM
> hooks.
>
> Here we augment the LSM hooks to provide this data, by simply passing
> a boolean flag indicating whether or not the call originated in the
> kernel, in any hook that contains a bpf_attr struct that corresponds
> to a subcommand that may be called from the kernel.
>
> Signed-off-by: Blaise Boscaccy <bboscaccy@xxxxxxxxxxxxxxxxxxx>
> ---
> include/linux/lsm_hook_defs.h | 6 +++---
> include/linux/security.h | 12 ++++++------
> kernel/bpf/syscall.c | 10 +++++-----
> security/security.c | 15 +++++++++------
> security/selinux/hooks.c | 6 +++---
> tools/testing/selftests/bpf/progs/rcu_read_lock.c | 3 ++-
> .../selftests/bpf/progs/test_cgroup1_hierarchy.c | 4 ++--
> .../selftests/bpf/progs/test_kfunc_dynptr_param.c | 6 +++---
> .../testing/selftests/bpf/progs/test_lookup_key.c | 2 +-
> .../selftests/bpf/progs/test_ptr_untrusted.c | 2 +-
> .../selftests/bpf/progs/test_task_under_cgroup.c | 2 +-
> .../selftests/bpf/progs/test_verify_pkcs7_sig.c | 2 +-

Please put kernel changes and selftest changes in two patches.
Other than this:

Acked-by: Song Liu <song@xxxxxxxxxx>

> 12 files changed, 37 insertions(+), 33 deletions(-)