[PATCH v5 bpf-next 5/5] bpf/selftests: Add a selftest for bpf_getxattr

KP Singh kpsingh at kernel.org
Thu Jun 30 22:25:44 UTC 2022


On Thu, Jun 30, 2022 at 6:29 PM Amir Goldstein <amir73il at gmail.com> wrote:
>
> > >
> > > This discussion would probably be a lot shorter if this series were sent
> > > with a proper explanation of how this is supposed to work and what it's
> > > used for.
> >
> > It's currently scoped to BPF LSM (albeit limited to LSM for now)
> > but it won't just be used in LSM programs but some (allow-listed)
> > tracing programs too.
> >
>
> KP,
>
> Without taking sides in the discussion about the security aspect of
> bpf_getxattr(), I wanted to say that we have plans to add BPF hooks for
> fanotify event filters and AFAIK Alessio's team is working on adding BPF
> hooks for FUSE bypass decisions.
>
> In both those cases, being able to tag files with some xattr and use that
> as part of criteria in the hook would be very useful IMO, but I don't think
> that it should be a problem to limit the scope of the allowed namespace to
> security.bpf.* for these use cases.

Thanks Amir, I agree, this does seem like a practical way to move forward.

Cheers,
- KP

>
> Thanks,
> Amir.


