[PATCH v6 bpf-next 0/7] Enable writing xattr from BPF programs
Song Liu
songliubraving at meta.com
Thu Dec 19 22:14:40 UTC 2024
CI found a bug with this. I will resend. Sorry for the noise.
Song
> On Dec 19, 2024, at 12:25 PM, Song Liu <song at kernel.org> wrote:
>
> Add support to set and remove xattr from BPF program. Also add
> security.bpf. xattr name prefix.
>
> kfuncs are added to set and remove xattrs with security.bpf. name
> prefix. Update kfuncs bpf_get_[file|dentry]_xattr to read xattrs
> with security.bpf. name prefix. Note that BPF programs can read
> user. xattrs, but not write and remove them.
>
> To pick the right version of kfunc to use, a remap logic is added to
> btf_kfunc_id_set. This helps move some kfunc specific logic off the
> verifier core code. Also use this remap logic to select
> bpf_dynptr_from_skb or bpf_dynptr_from_skb_rdonly.
>
More information about the Linux-security-module-archive
mailing list