[PATCH bpf-next v1 10/13] bpf: lsm: Handle attachment of the same program

James Morris jmorris at namei.org
Wed Jan 8 18:21:49 UTC 2020


On Fri, 20 Dec 2019, KP Singh wrote:

> From: KP Singh <kpsingh at google.com>
> 
> Allow userspace to attach a newer version of a program without having
> duplicates of the same program.
> 
> If BPF_F_ALLOW_OVERRIDE is passed, the attachment logic compares the
> name of the new program to the names of existing attached programs. The
> names are only compared till a "__" (or '\0', if there is no "__"). If
> a successful match is found, the existing program is replaced with the
> newer attachment.
> 
> ./loader Attaches "env_dumper__v1" followed by "env_dumper__v2"
> to the bprm_check_security hook..
> 
> ./loader
> ./loader
> 
> Before:
> 
>   cat /sys/kernel/security/bpf/process_execution
>   env_dumper__v1
>   env_dumper__v2
> 
> After:
> 
>   cat /sys/kernel/security/bpf/process_execution
>   env_dumper__v2
> 
> Signed-off-by: KP Singh <kpsingh at google.com>


Reviewed-by: James Morris <jamorris at linux.microsoft.com>


-- 
James Morris
<jmorris at namei.org>



More information about the Linux-security-module-archive mailing list