[PATCH v16 06/12] bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs
Alexei Starovoitov
alexei.starovoitov at gmail.com
Tue Sep 6 18:45:27 UTC 2022
On Tue, Sep 6, 2022 at 1:01 AM Roberto Sassu
<roberto.sassu at huaweicloud.com> wrote:
>
> > > +struct bpf_key *bpf_lookup_user_key(u32 serial, u64 flags)
> > > +{
> > > + key_ref_t key_ref;
> > > + struct bpf_key *bkey;
> > > +
> > > + if (flags & ~KEY_LOOKUP_ALL)
> > > + return NULL;
> > > +
> > > + /*
> > > + * Permission check is deferred until the key is used, as
> > > the
> > > + * intent of the caller is unknown here.
> > > + */
> > > + key_ref = lookup_user_key(serial, flags,
> > > KEY_DEFER_PERM_CHECK);
> > > + if (IS_ERR(key_ref))
> > > + return NULL;
> > > +
> > > + bkey = kmalloc(sizeof(*bkey), GFP_ATOMIC);
> >
> > Since this function (due to lookup_user_key) is sleepable, do we
> > really need GFP_ATOMIC here?
>
> Daniel suggested it for bpf_lookup_system_key(), so that the kfunc does
> not have to be sleepable.
Hold on. It has to be sleepable. Just take a look
at what lookup_user_key is doing inside.
> For symmetry, I did the same to
> bpf_lookup_user_key(). Will switch back to GFP_KERNEL.
>
> Thanks
>
> Roberto
>
More information about the Linux-security-module-archive
mailing list