On Tue, Jun 21, 2022 at 06:37:54PM +0200, Roberto Sassu wrote:
> Add the bpf_lookup_user_key() and bpf_key_put() helpers, to respectively
> search a key with a given serial, and release the reference count of the
> found key.
>
> Signed-off-by: Roberto Sassu <[email protected]>
> ---
> include/uapi/linux/bpf.h | 16 ++++++++++++
> kernel/bpf/bpf_lsm.c | 46 ++++++++++++++++++++++++++++++++++
> kernel/bpf/verifier.c | 6 +++--
> scripts/bpf_doc.py | 2 ++
> tools/include/uapi/linux/bpf.h | 16 ++++++++++++
> 5 files changed, 84 insertions(+), 2 deletions(-)
>
> diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> index e81362891596..7bbcf2cd105d 100644
> --- a/include/uapi/linux/bpf.h
> +++ b/include/uapi/linux/bpf.h
> @@ -5325,6 +5325,20 @@ union bpf_attr {
> * **-EACCES** if the SYN cookie is not valid.
> *
> * **-EPROTONOSUPPORT** if CONFIG_IPV6 is not builtin.
> + *
> + * struct key *bpf_lookup_user_key(u32 serial, unsigned long flags)
> + * Description
> + * Search a key with a given *serial* and the provided *flags*, and
> + * increment the reference count of the key.
Why passing 'flags' is ok to do?
Please think through every line of the patch.