Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp3526812pxb; Mon, 16 Nov 2020 17:53:42 -0800 (PST) X-Google-Smtp-Source: ABdhPJwFxWdtNK7e8LPAO0Gbt2C4NXJylyV4VR0XiaWy8bcUhErFImoQkE8gVu9MdeFgEMh5OQDG X-Received: by 2002:aa7:d2d2:: with SMTP id k18mr17862069edr.290.1605578021817; Mon, 16 Nov 2020 17:53:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1605578021; cv=none; d=google.com; s=arc-20160816; b=KWHJ2qG3dpOySofYiSNm7NldEfSPg//DKXi6hwRTvRCwosH/pUvH8Ny+DHpTVAwlLz JJrXyIlDxur+RrBcVC1tvIbuuJfqpH1tKlNrC1gOmx+ZT+yFRKYq/X24ZylijrAQ2IXc 8CRX3gu7QYTSgE8nqsSawXM9OxfpBNzBuXHpQkL4b3iHfPvX/8Y/XLplFWonC+I4R2eR AR+xqOccnvkowFjaphxLpZaf/GhVbVnpMoZ/F9h7GtW+S8PPzWCKgNvH4floY2IeLvUn l4IKYyxsJgN3KcQu/WMz8Lwp4mot5rK2tpob9jQINsNIhyhJgj5Jm0o99qtfG+CmnM/a wQ+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=K9YYtxJZQ61dSHuSpVyOeAjqq4q4KVseeuBlzImXEsk=; b=yAfPPOTjkKbZ7TmG66BXytVKb/8iEGE0gEC1Hln0VuCC5PpEnhPyE4AcNG+ogdAAPl bJ8aiWG84cFYpttgh0vhgMCWpTauW0MK8x3MtHIZNxvfQrmcoZ7/nne6RT2FHjfRCMfp QfG11qIMpzAhXDc2KIimdWSX7VC9ce1Xh1gWd0EG1taYfNBjPvKtz4+Ah8eaSH3yfD0c u4ftE5twEkFXeiWRb5RVtl0XEoyKwKGo+EdFX/9B+GoyGkeYBU/6vxncQ33Y6HG1eEPp wfRQqqCp5m6xam7nZvv3uAAs1fXGAKzL5F7Aa+dFsou6HDVJ9zv4h9kVCHVGgn/OJ2iq qzvw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=iyTqTWge; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x1si2474960ejj.11.2020.11.16.17.53.19; Mon, 16 Nov 2020 17:53:41 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=iyTqTWge; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730602AbgKPOtX (ORCPT + 99 others); Mon, 16 Nov 2020 09:49:23 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730597AbgKPOtV (ORCPT ); Mon, 16 Nov 2020 09:49:21 -0500 Received: from mail-lf1-x141.google.com (mail-lf1-x141.google.com [IPv6:2a00:1450:4864:20::141]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1AA80C0613D1 for ; Mon, 16 Nov 2020 06:49:21 -0800 (PST) Received: by mail-lf1-x141.google.com with SMTP id s30so25500974lfc.4 for ; Mon, 16 Nov 2020 06:49:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=K9YYtxJZQ61dSHuSpVyOeAjqq4q4KVseeuBlzImXEsk=; b=iyTqTWgek9bpE1bnvCpobrfYhS0xCjKb3JBPV+nxXvs4iD6Z/VuKvsdWJkQfGdMT24 a0aVXFiD7UOh2jj1/LZ8S17qmTdHdU0v+GxXMKhiRAlpGNrhLZ54+DwuC5RZyHzSx/UD 2NnvlyyG4FPwdQOiosGPPn8y8am71+tfm9RPg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=K9YYtxJZQ61dSHuSpVyOeAjqq4q4KVseeuBlzImXEsk=; b=mXCru/qrZWy1XAwA8QD6aHbAwy5lfhyp3k4F5TMXKCB+9mo8eor2H6rOvny8dgVr21 KF/Z/Q9+qr20ZvUex3DQwrEmq36t5tl9sijEr9ZZnoeEDdWJ+Pi8l3+JTntCyaca5Y5z n7a9UOn6KY/YAfq1CGhNJJCnZDa6VJhnVYasmIbZ8teKmqQ129gV16//v9slTdz1uOWD iQ/eI+y9/lj7W6fW2KpdVar5VJGC+ESKNz/oTsH2BOM5Zn6cyjgCxUr2C+HhVzJ76Bre 4PlcCI5gZzt1Tl6W5nGh0iw29tUmEJtn5QBTGv4CNyVD2Jd6ycgb6oUTHckgehAi/BZ9 WwJA== X-Gm-Message-State: AOAM533tcdXXXnzGDDGS09b+h9udRRzelUNnVl1SrD8AWLEJi/p6nrYw KaslGnXNr02h6RrTp25HU0G4DBWhSvmQlGHy06SdiZP21ulZEfwP X-Received: by 2002:ac2:5591:: with SMTP id v17mr5379656lfg.562.1605538159370; Mon, 16 Nov 2020 06:49:19 -0800 (PST) MIME-Version: 1.0 References: <20201116140110.1412642-1-kpsingh@chromium.org> <20201116140110.1412642-2-kpsingh@chromium.org> In-Reply-To: <20201116140110.1412642-2-kpsingh@chromium.org> From: KP Singh Date: Mon, 16 Nov 2020 15:49:08 +0100 Message-ID: Subject: Re: [PATCH bpf-next 2/2] bpf: Add tests for bpf_lsm_set_bprm_opts To: open list , bpf Cc: Alexei Starovoitov , Daniel Borkmann , Martin KaFai Lau , Song Liu , Paul Turner , Pauline Middelink Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org [...] > + > +#include "vmlinux.h" > +#include > +#include > +#include > + > +char _license[] SEC("license") = "GPL"; > + > +struct { > + __uint(type, BPF_MAP_TYPE_TASK_STORAGE); > + __uint(map_flags, BPF_F_NO_PREALLOC); > + __type(key, int); > + __type(value, int); > +} secure_exec_task_map SEC(".maps"); > + > +SEC("lsm/bprm_creds_for_exec") > +int BPF_PROG(secure_exec, struct linux_binprm *bprm) > +{ > + int *secureexec; > + > + secureexec = bpf_task_storage_get(&secure_exec_task_map, > + bpf_get_current_task_btf(), 0, > + BPF_LOCAL_STORAGE_GET_F_CREATE); > + if (!secureexec) > + return 0; > + > + if (*secureexec) > + bpf_lsm_set_bprm_opts(bprm, BPF_LSM_F_BPRM_SECUREEXEC); This can just be: if (secureexec && *secureexec) bpf_lsm_set_bprm_opts(bprm, BPF_LSM_F_BPRM_SECUREEXEC); bpf_lsm_set_bprm_opts(bprm, BPF_LSM_F_BPRM_SECUREEXEC); > + return 0; > +} > -- > 2.29.2.299.gdc1121823c-goog >