[PATCH bpf-next 0/4] Introduce bpf_kernfs_read_xattr
Song Liu
song at kernel.org
Wed Jun 18 23:37:35 UTC 2025
Introduce a new kfunc bpf_kernfs_read_xattr, which can read xattr from
kernfs nodes (cgroupfs, for example). The primary users are LSMs, for
example, from systemd. sched_ext could also use xattrs on cgroupfs nodes.
However, this is not allowed yet, because bpf_kernfs_read_xattr is only
allowed from LSM hooks. The plan is to address sched_ext later (or in a
later revision of this set).
Song Liu (4):
kernfs: Add __kernfs_xattr_get for RCU protected access
bpf: Introduce bpf_kernfs_read_xattr to read xattr of kernfs nodes
bpf: Mark cgroup_subsys_state->cgroup RCU safe
selftests/bpf: Add tests for bpf_kernfs_read_xattr
fs/bpf_fs_kfuncs.c | 33 ++++
fs/kernfs/inode.c | 14 ++
include/linux/kernfs.h | 2 +
kernel/bpf/verifier.c | 5 +
.../selftests/bpf/prog_tests/kernfs_xattr.c | 145 ++++++++++++++++++
.../selftests/bpf/progs/kernfs_read_xattr.c | 117 ++++++++++++++
.../selftests/bpf/progs/read_cgroupfs_xattr.c | 60 ++++++++
7 files changed, 376 insertions(+)
create mode 100644 tools/testing/selftests/bpf/prog_tests/kernfs_xattr.c
create mode 100644 tools/testing/selftests/bpf/progs/kernfs_read_xattr.c
create mode 100644 tools/testing/selftests/bpf/progs/read_cgroupfs_xattr.c
--
2.47.1
More information about the Linux-security-module-archive
mailing list