[PATCH bpf-next v1 04/13] bpf: lsm: Allow btf_id based attachment for LSM hooks

Andrii Nakryiko andrii.nakryiko at gmail.com
Mon Dec 23 23:54:38 UTC 2019


On Fri, Dec 20, 2019 at 7:42 AM KP Singh <kpsingh at chromium.org> wrote:
>
> From: KP Singh <kpsingh at google.com>
>
> Refactor and re-use most of the logic for BPF_PROG_TYPE_TRACING with a few
> changes.
>
> - The LSM hook BTF types are prefixed with "lsm_btf_"

btf_trace_ and btf_struct_ops all have btf_ first, let's keep this consistent.

> - These types do not need the first (void *) pointer argument. The verifier
>   only looks for this argument if prod->aux->attach_btf_trace is set.
>
> Signed-off-by: KP Singh <kpsingh at google.com>
> ---
>  kernel/bpf/syscall.c  |  1 +
>  kernel/bpf/verifier.c | 83 ++++++++++++++++++++++++++++++++++++++++---
>  2 files changed, 80 insertions(+), 4 deletions(-)
>

[...]

> +
> +       t = btf_type_by_id(btf_vmlinux, btf_id);
> +       if (!t) {
> +               verbose(env, "attach_btf_id %u is invalid\n", btf_id);
> +               return -EINVAL;
> +       }
> +
> +       tname = btf_name_by_offset(btf_vmlinux, t->name_off);
> +       if (!tname) {

it can be empty, so better: !tname || !tname[0]

> +               verbose(env, "attach_btf_id %u doesn't have a name\n", btf_id);
> +               return -EINVAL;
> +       }
> +
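Review bot: the `if (!tname)` test after btf_name_by_offset() only rejects a NULL return, so a type whose name is the empty string passes it and the "doesn't have a name" message never fires for that case. Use `if (!tname || !tname[0])`, as suggested in the reply above, so that both a missing and an empty name take the -EINVAL path before the name is used for anything else.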

[...]


