[PATCH bpf-next v1 04/13] bpf: lsm: Allow btf_id based attachment for LSM hooks
KP Singh
kpsingh at chromium.org
Mon Dec 30 19:22:45 UTC 2019
On 23-Dez 15:54, Andrii Nakryiko wrote:
> On Fri, Dec 20, 2019 at 7:42 AM KP Singh <kpsingh at chromium.org> wrote:
> >
> > From: KP Singh <kpsingh at google.com>
> >
> > Refactor and re-use most of the logic for BPF_PROG_TYPE_TRACING with a few
> > changes.
> >
> > - The LSM hook BTF types are prefixed with "lsm_btf_"
Got rid of this for v2 as we are using trampoline. Will keep this in
mind if we ever need to generate type information. Thanks!
>
> btf_trace_ and btf_struct_ops all have btf_ first, let's keep this consistent.
>
> > - These types do not need the first (void *) pointer argument. The verifier
> > only looks for this argument if prod->aux->attach_btf_trace is set.
> >
> > Signed-off-by: KP Singh <kpsingh at google.com>
> > ---
> > kernel/bpf/syscall.c | 1 +
> > kernel/bpf/verifier.c | 83 ++++++++++++++++++++++++++++++++++++++++---
> > 2 files changed, 80 insertions(+), 4 deletions(-)
> >
>
> [...]
>
> > +
> > + t = btf_type_by_id(btf_vmlinux, btf_id);
> > + if (!t) {
> > + verbose(env, "attach_btf_id %u is invalid\n", btf_id);
> > + return -EINVAL;
> > + }
> > +
> > + tname = btf_name_by_offset(btf_vmlinux, t->name_off);
> > + if (!tname) {
>
> it can be empty, so better: !tname || !tname[0]
Will fix the usages in v2.
- KP
>
> > + verbose(env, "attach_btf_id %u doesn't have a name\n", btf_id);
> > + return -EINVAL;
> > + }
> > +
>
> [...]
More information about the Linux-security-module-archive
mailing list