Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp3445171pxb; Mon, 16 Nov 2020 15:09:34 -0800 (PST) X-Google-Smtp-Source: ABdhPJzh8IQCWcW7JYn6fDv2ljwQyt9rUF681Zk19zsokeybi9D2MzzjYRPiME/CN1YMHr+HdYIv X-Received: by 2002:a17:906:e24d:: with SMTP id gq13mr628624ejb.262.1605568174726; Mon, 16 Nov 2020 15:09:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1605568174; cv=none; d=google.com; s=arc-20160816; b=OQtyo3KMMhkJjZZsfFlHiR21MYr1xSvnz1ksEojVmJ7ItUtAnbqt7K9trqIrSX7OYj YAhhqrNjs0ZYr5zKNDi8/f0P1K0OTsS//enj71zRmBzNRih/wi+stL4Qycv24XVPy58I fZpUiDpeWRmHMx7+0p6zamJBoMu8qlpUjlZMmD9oHmz8loS0j+knRPibtGeDAOQBdnKG yeNMlUPnby3osPRW/v1AfeP8WVJdm3jLca1qGsY1dxoO5unvQeSXpsUkc2Ifrp3NMQFM jwT3lJrWWfGaweD64LUkRcRm36D3cnekr0nILPjlh1gVufQCG9zmuVQdOdSvMuxciB1B xicw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=wW8IUNAptqvWRtctO8+YJZugcJSalzqIkeIZj+Z4Rtw=; b=cnI1UyvrKHwq3CtHayezJJSuWhsbBi/XdhBrAv88EZ1lGjKnflw6BU3AWrW6bj83pL hcPM80yOYtfc4ABbNu3LeaNXYXMbKMAHHKeEatGdZQmXzGy+N2+M8vbfSJ6VszZlQdWE P0PVbEz0OInVfpulIUW8vRkBffzEcXRY2DLB2q+g6rw7QlycxFCK74NGmF5ljwIOaT/I ZGSPsumS8mZkuf00jD5Y+bv4FFDHeI3DTCKGdMtai7RjAtc7uSKAa+5zayuU5+cJuo1s Rk1Qn4bFf6I2Kr0kskL93dsDSV/RjvhzRvGfm1pEjHuZHnnGF1oMJCMfEIkZ2Hjv5U+M YEHQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=fYSORLuD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id e9si12461157ejk.493.2020.11.16.15.09.11; Mon, 16 Nov 2020 15:09:34 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=fYSORLuD; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727413AbgKPXAY (ORCPT + 99 others); Mon, 16 Nov 2020 18:00:24 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40026 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725379AbgKPXAX (ORCPT ); Mon, 16 Nov 2020 18:00:23 -0500 Received: from mail-lj1-x243.google.com (mail-lj1-x243.google.com [IPv6:2a00:1450:4864:20::243]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6572EC0613CF; Mon, 16 Nov 2020 15:00:22 -0800 (PST) Received: by mail-lj1-x243.google.com with SMTP id p12so22040216ljc.9; Mon, 16 Nov 2020 15:00:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wW8IUNAptqvWRtctO8+YJZugcJSalzqIkeIZj+Z4Rtw=; b=fYSORLuDaalmGULUcgovWcBMhYmu+41qeaivS3tk/IuTo5jKCuZSEuTN27m0/s25Gi qIBi7vR5LdvkyHyia67g1l6ZhEUStwTqFVOt6nkhYYboVUYV4YEKf7Z7EvdMFYZxKJkr 35OtG/yhXNpP8+WI/yt5S36pRY2xccZj/dPqwWh9mK2epHf826UM/2wOrkknxarawbRo iYTtABlnmGLfbYy9dlc+y1lgs0eJCGR2tAv5t/CLnWoQ3v9CNlxwDB8vQ2mHmKpTVixq KGN7GBqdQW/dk6RpG2qzYRRWySDeXTjJ+pzNcPBzUZRRPh7uHDfsKMLXssG7zd+OlqhX Ks2Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wW8IUNAptqvWRtctO8+YJZugcJSalzqIkeIZj+Z4Rtw=; b=cn3Iqzlwz0XMhACnd8yt+qeJrp4z3iPLKNSd9clD16jaGtMLFbMn4iQFqIzindUDM2 +7Zrpkb0kvS2hqbEjvOHiel3y/xp68abXCufUM27bC8OF+f3WT4rwPXi77FwHGFGIJVl DFq7f+p57pVGGbd5xItfo18pfi//M1rVOLOcs0L/LAmFPUhGu4oetj13LnPjb/uNjAeS MHcOX3SLgxOf4CTYNaqPF9obN4BMMTbUjBLqaDAucZhNh/qefhgfu5xgrSM0jls9d24S +O4iVZqvLMCkS0qrn4RiOb5RMOh5o+BcWM/rj9ynD8ZkLux5G8kD4Eo14SiKjUyebR/H Kqgw== X-Gm-Message-State: AOAM530BfLvvfdT1HAe543rLiG/8MUs/N+CTa2Z7JwXkH42ZB4eiuivp 41UDoCBJN/bQazA0kK2LbHz+1WmwrtkRdZyKpPOq6z1h X-Received: by 2002:a2e:8982:: with SMTP id c2mr652402lji.121.1605567620926; Mon, 16 Nov 2020 15:00:20 -0800 (PST) MIME-Version: 1.0 References: <20201116140110.1412642-1-kpsingh@chromium.org> <793acf23-b263-6ae5-2206-18fcdfa991eb@iogearbox.net> In-Reply-To: From: Alexei Starovoitov Date: Mon, 16 Nov 2020 15:00:09 -0800 Message-ID: Subject: Re: [PATCH bpf-next 1/2] bpf: Add bpf_lsm_set_bprm_opts helper To: KP Singh Cc: Daniel Borkmann , open list , bpf , Alexei Starovoitov , Martin KaFai Lau , Song Liu , Paul Turner , Pauline Middelink Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Nov 16, 2020 at 2:48 PM KP Singh wrote: > > [...] > > > > > > > +BPF_CALL_2(bpf_lsm_set_bprm_opts, struct linux_binprm *, bprm, u64, flags) > > > +{ > > > > This should also reject invalid flags. I'd rather change this helper from RET_VOID > > to RET_INTEGER and throw -EINVAL for everything other than BPF_LSM_F_BPRM_SECUREEXEC > > passed in here including zero so it can be extended in future. > > Sounds good, I added: > > enum { > BPF_LSM_F_BPRM_SECUREEXEC = (1ULL << 0), > + /* Mask for all the currently supported BPRM options */ > + BPF_LSM_F_BRPM_OPTS_MASK = 0x1ULL, > }; No need to add it to uapi. Keep it next to the helper in .c file like it's done with other flags.