[PATCH v16 06/12] bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs
Roberto Sassu
roberto.sassu at huaweicloud.com
Wed Sep 7 06:59:25 UTC 2022
On Tue, 2022-09-06 at 11:45 -0700, Alexei Starovoitov wrote:
> On Tue, Sep 6, 2022 at 1:01 AM Roberto Sassu
> <roberto.sassu at huaweicloud.com> wrote:
> > > > +struct bpf_key *bpf_lookup_user_key(u32 serial, u64 flags)
> > > > +{
> > > > + key_ref_t key_ref;
> > > > + struct bpf_key *bkey;
> > > > +
> > > > + if (flags & ~KEY_LOOKUP_ALL)
> > > > + return NULL;
> > > > +
> > > > + /*
> > > > + * Permission check is deferred until the key is used,
> > > > as
> > > > the
> > > > + * intent of the caller is unknown here.
> > > > + */
> > > > + key_ref = lookup_user_key(serial, flags,
> > > > KEY_DEFER_PERM_CHECK);
> > > > + if (IS_ERR(key_ref))
> > > > + return NULL;
> > > > +
> > > > + bkey = kmalloc(sizeof(*bkey), GFP_ATOMIC);
> > >
> > > Since this function (due to lookup_user_key) is sleepable, do we
> > > really need GFP_ATOMIC here?
> >
> > Daniel suggested it for bpf_lookup_system_key(), so that the kfunc
> > does
> > not have to be sleepable.
>
> Hold on. It has to be sleepable. Just take a look
> at what lookup_user_key is doing inside.
>
https://lore.kernel.org/bpf/2b1d62ad-af4b-4694-ecc8-639fbd821a05@iogearbox.net/
Roberto
More information about the Linux-security-module-archive
mailing list