[PATCH bpf-next 0/5] Fix kernel panic caused by bpf lsm return value
Roberto Sassu
roberto.sassu at huaweicloud.com
Mon Mar 18 17:02:45 UTC 2024
On Mon, 2024-03-18 at 09:52 -0700, Stanislav Fomichev wrote:
> On 03/16, Xu Kuohai wrote:
> > From: Xu Kuohai <xukuohai at huawei.com>
> >
> > A bpf prog returning positive number attached to file_alloc_security hook
> > will make kernel panic.
>
> I'll leave it up to KP. I remember there was a similar patch series in
> the past, but I have no state on why it was not accepted..
Yes, this one:
v1: https://lore.kernel.org/bpf/20221115175652.3836811-1-roberto.sassu@huaweicloud.com/
v2: https://lore.kernel.org/bpf/20221207172434.435893-1-roberto.sassu@huaweicloud.com/
The selftests were failing, and I wasn't able to come up with a
solution on the verifier side. I see patch 5 goes in that direction,
and I remember there was related work in this area.
(just saw Paul's answer, maybe the new KP's patch set also solves this)
Roberto
More information about the Linux-security-module-archive
mailing list