On 15/11/2022 13:53, Teo Couprie Diaz wrote:
Hi,
On 15/11/2022 09:08, Zachary Leaf wrote:
Hi,
This RFC proposes changes to the bpf syscall to support propagating user pointers as capabilities in the pure-capability kernel-user ABI (PCuABI). It also includes an approach to supporting the existing aarch64 ABI as a COMPAT layer (compat64).
Since the bpf syscall is multiplexed this RFC changes only the BPF_PROG_LOAD option. The idea is to agree on the general approach and get some feedback here before the remaining options are changed to fully support the syscall.
Since the changes are incomplete, functions in this series suffixed with _fixed will eventually replace the original function it is updating. The originals remain in place for now.
Patches 8 and 9 provide two potential solutions to one problem. I don't know enough about LSMs to decide there so any input there appreciated.
Reading both of them the second solution requires a bit more work upfront from us but I feel that it makes the most sense : no need to update the LSMs and the compat/not compat split is handled right where it happens. I haven't looked into it but maybe other parts of the kernel need something similar already ?
That's my thoughts as well and a good summary of how the situation appears to me. Where it's been moved to we're not adding much inbetween expect a switch statement and the conversion from compat_bpf_attr to bpf_attr. That doesn't seem like an issue to me, but does increase diff size a bit since the hook now appears in every option instead of only inside __sys_bpf.
A basic LTP test that only does a bare minimal bpf(BPF_PROG_LOAD...) syscall has been created for this RFC to verify these changes. This also tests the new CHECK_ATTR macro implementation.
Kernel branch available at: https://git.morello-project.org/zdleaf/linux/-/commits/rfc/bpf
LTP test at: https://git.morello-project.org/zdleaf/morello-linux-test-project/-/commits/...
Thanks,
Zach
Overall nothing jumped out to me, it looks pretty good and makes sense to me ! It did help to have read Tudor's patches previously as some things are quite similar between the two.
Thanks for taking a look. Yes it's pretty similar to the io_uring and epoll changes. epoll is worth a look too, as well as the changes to io_submit/aio if you didn't catch those.
Thanks, Zach
Cheers, Téo
Zachary Leaf (9): arm64: morello: enable eBPF and tracing bpf/net: copy ptrs from user with bpf/sockptr_t bpf: extend bpfptr_t to use pointers bpf: use user pointer types for bpf_attr bpf: add compat64 handling of bpf syscall bpf: make CHECK_ATTR support compat temp for RFC: add padding to BPF_PROG_LOAD bpf/security: update bpf lsm API bpf/security: move lsm hook point
.../morello_transitional_pcuabi_defconfig | 15 ++- include/linux/bpfptr.h | 19 ++++ include/linux/sockptr.h | 9 ++ include/uapi/linux/bpf.h | 55 +++++++++-- kernel/bpf/syscall.c | 95 ++++++++++++++++--- kernel/bpf/verifier.c | 10 +- 6 files changed, 176 insertions(+), 27 deletions(-)
-- 2.34.1
linux-morello mailing list -- linux-morello@op-lists.linaro.org To unsubscribe send an email to linux-morello-leave@op-lists.linaro.org