[PATCH v2 02/13] bpf: Implement exclusive map creation
Fan Wu
wufan at kernel.org
Tue Jul 29 22:59:05 UTC 2025
On Mon, Jul 21, 2025 at 2:35 PM KP Singh <kpsingh at kernel.org> wrote:
>
> Exclusive maps allow maps to only be accessed by program with a
> program with a matching hash which is specified in the excl_prog_hash
> attr.
>
> For the signing use-case, this allows the trusted loader program
> to load the map and verify the integrity
>
> Signed-off-by: KP Singh <kpsingh at kernel.org>
> ---
> include/linux/bpf.h | 1 +
> include/uapi/linux/bpf.h | 2 ++
> kernel/bpf/syscall.c | 32 ++++++++++++++++++++++++++++----
> kernel/bpf/verifier.c | 6 ++++++
> tools/include/uapi/linux/bpf.h | 2 ++
> 5 files changed, 39 insertions(+), 4 deletions(-)
>
...
> -static int map_create(union bpf_attr *attr, bool kernel)
> +static int map_create(union bpf_attr *attr, bpfptr_t uattr)
> {
> const struct bpf_map_ops *ops;
> struct bpf_token *token = NULL;
> @@ -1527,7 +1528,30 @@ static int map_create(union bpf_attr *attr, bool kernel)
> attr->btf_vmlinux_value_type_id;
> }
>
> - err = security_bpf_map_create(map, attr, token, kernel);
> + if (attr->excl_prog_hash) {
> + bpfptr_t uprog_hash = make_bpfptr(attr->excl_prog_hash, uattr.is_kernel);
> +
> + map->excl_prog_sha = kzalloc(SHA256_DIGEST_SIZE, GFP_KERNEL);
> + if (!map->excl_prog_sha) {
> + err = -ENOMEM;
> + goto free_map;
> + }
> +
> + if (attr->excl_prog_hash_size != SHA256_DIGEST_SIZE) {
> + err = -EINVAL;
> + goto free_map;
> + }
Nit: Maybe check the size first to avoid unncessary kzalloc?
-Fan
> +
> + if (copy_from_bpfptr(map->excl_prog_sha, uprog_hash,
> + SHA256_DIGEST_SIZE)) {
> + err = -EFAULT;
> + goto free_map;
> + }
> + } else if (attr->excl_prog_hash_size) {
> + return -EINVAL;
> + }
> +
> + err = security_bpf_map_create(map, attr, token, uattr.is_kernel);
> if (err)
> goto free_map_sec;
>
More information about the Linux-security-module-archive
mailing list