From: KP Singh
Date: Tue, 24 Nov 2020 12:04:57 +0100
Subject: Re: [PATCH bpf-next 2/3] bpf: Add a BPF helper for getting the IMA hash of an inode
To: Alexei Starovoitov
Cc: James Morris, open list, bpf, Linux Security Module list, Alexei Starovoitov, Daniel Borkmann, Florent Revest, Brendan Jackman, Mimi Zohar
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Nov 24, 2020 at 5:02 AM Alexei Starovoitov wrote:
>
> On Fri, Nov 20, 2020 at 01:17:07PM +0000, KP Singh wrote:
> > +
> > +static bool bpf_ima_inode_hash_allowed(const struct bpf_prog *prog)
> > +{
> > + return bpf_lsm_is_sleepable_hook(prog->aux->attach_btf_id);
> > +}
> > +
> > +BTF_ID_LIST_SINGLE(bpf_ima_inode_hash_btf_ids, struct, inode)
> > +
> > +const static struct bpf_func_proto bpf_ima_inode_hash_proto = {
> > + .func = bpf_ima_inode_hash,
> > + .gpl_only = false,
> > + .ret_type = RET_INTEGER,
> > + .arg1_type = ARG_PTR_TO_BTF_ID,
> > + .arg1_btf_id = &bpf_ima_inode_hash_btf_ids[0],
> > + .arg2_type = ARG_PTR_TO_UNINIT_MEM,
> > + .arg3_type = ARG_CONST_SIZE_OR_ZERO,
> > + .allowed = bpf_ima_inode_hash_allowed,
> > +};
> > +
> > static const struct bpf_func_proto *
> > bpf_lsm_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> > {
> > @@ -97,6 +121,8 @@ bpf_lsm_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> > return &bpf_task_storage_delete_proto;
> > case BPF_FUNC_bprm_opts_set:
> > return &bpf_bprm_opts_set_proto;
> > + case BPF_FUNC_ima_inode_hash:
> > + return &bpf_ima_inode_hash_proto;
>
> That's not enough for correctness.
> Not only hook has to be sleepable, but the program has to be sleepable too.
> The patch 3 should be causing all sorts of kernel warnings
> for calling mutex from preempt disabled.
> There it calls bpf_ima_inode_hash() from SEC("lsm/file_mprotect") program.

I did actually mean to use SEC("lsm.s/bprm_committed_creds"), my bad.

> "lsm/" is non-sleepable. "lsm.s/" is.
> please enable CONFIG_DEBUG_ATOMIC_SLEEP=y in your config.

Oops, yes I did notice that during recent work on the test cases.

Since we need a stronger check than just warnings, I am doing something
similar to what we do for bpf_copy_from_user, i.e.

    return prog->aux->sleepable ? &bpf_ima_inode_hash_proto : NULL;
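
Review bot: in the first hunk, bpf_ima_inode_hash_allowed() tests only the attach point through bpf_lsm_is_sleepable_hook(prog->aux->attach_btf_id) and never looks at prog->aux->sleepable, so a non-sleepable program attached to a sleepable hook still passes the .allowed check. Either add the program check to this callback or drop the callback if the gate moves into bpf_lsm_func_proto(), so that there is a single place to audit. On style, "const static struct bpf_func_proto" should read "static const struct", matching the bpf_lsm_func_proto declaration in the context lines right below it. With .arg2_type = ARG_PTR_TO_UNINIT_MEM and .arg3_type = ARG_CONST_SIZE_OR_ZERO, the helper body (not visible in this quote) should be confirmed to handle a zero size and to fill or zero the destination on its error paths.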
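
Review bot: in the second hunk, the new "case BPF_FUNC_ima_inode_hash:" returns &bpf_ima_inode_hash_proto unconditionally, which leaves the .allowed callback as the only gate, and that callback checks the hook rather than the program. Returning NULL from this case when prog->aux->sleepable is not set makes the verifier refuse the helper at load time instead of depending on CONFIG_DEBUG_ATOMIC_SLEEP warnings at run time. A one-line comment on the case saying the helper may sleep and is limited to sleepable programs would document why it differs from the neighbouring cases.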