Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp3457969pxb; Mon, 25 Jan 2021 17:25:59 -0800 (PST) X-Google-Smtp-Source: ABdhPJy0tBpiNgEjVvV6zM9iMU47aeqPrjr0+eKYx69OidvXrys2li4rp5WtOPGGgaCKDMuIEycQ X-Received: by 2002:a17:906:f0c3:: with SMTP id dk3mr1961568ejb.540.1611624359158; Mon, 25 Jan 2021 17:25:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1611624359; cv=none; d=google.com; s=arc-20160816; b=tfosSmA41PdnqUW5Nfvs+Q8vDSx+5LTFj0rsQqKZHTXliIwDCXgvrm+OHAdHHptLVM 3bpGMgkQgjm9EHQVrPF6t0vv/vGtdvrCN8B4L9mwoRmbDffLUt+ClT1FbBg9ZW+ys0/5 d5qicWC08Cof8GpjczWuKGfaEmlx6jWkBXwTyc0lSr7WxnXkGgoNutL6vOyUzVeBa429 h0F/cyV64OFkD3aUc5bIAal4iZEADECM953jhGoz+2flAt/U/1mdfb5leVDzD0Agwsec UVPivVRhApv/acCos8d5j3Xa/77z5wiw8TEHQ3yBavrx5P3Ex0mQWBpfKLUR7t6A2W2J 6v8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :ironport-sdr:ironport-sdr; bh=4hxhtFt6TNI6u3JBQbpYdc+nEUTh3kGMDHSt2okWaJU=; b=PN60vggH4HKFCfApWdloX58/S+X9Ls2r1d54zmqx8uP17Ho0AwqHZKFDfeGIXgvKGa A1UCes2PPozjWtXIjxI7fhkL39PbjHnNGvKT4dPw4C3KTFKAuKYEV3JA1kdmbRlybbcj 5pwBmujt8vDsvez3Q3LikebQ5YNrlXHVPYBaQhGl507/ZdLLctatbgUETNvwzJy8I0M5 RTDVZyS+kYTK4FKBZEkrFSMs11k+W9SnAvCZP32ZmR7Kv43JrLHHpI2xdpB5YLAP8San Elrc/P/EsPzMmls7jbbDKEphiQjiIUrf9PxKD71f6sB7oATJcWyQbDld0buvKNpDeEQN b5zA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t24si6501296ejr.275.2021.01.25.17.24.59; Mon, 25 Jan 2021 17:25:59 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727164AbhAYHNB (ORCPT + 99 others); Mon, 25 Jan 2021 02:13:01 -0500 Received: from mga03.intel.com ([134.134.136.65]:35221 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727025AbhAYGle (ORCPT ); Mon, 25 Jan 2021 01:41:34 -0500 IronPort-SDR: nPyJQ9qc9pPrOL4dnWEHeA3bKLVU9K9zbvr4s4A/V3FGDnMhJYv8+HKLAgoJxJxGq19y49wRxn 86x36vyYSr4A== X-IronPort-AV: E=McAfee;i="6000,8403,9874"; a="179751939" X-IronPort-AV: E=Sophos;i="5.79,372,1602572400"; d="scan'208";a="179751939" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Jan 2021 22:39:47 -0800 IronPort-SDR: x1pQtgl3vcIHAqaNMGPNforbqej7B9oB3xCmQyOi3Cxrqt5aXqhbxSa/ieMbla22NotuJZShiL NCXbB8TkfwQQ== X-IronPort-AV: E=Sophos;i="5.79,372,1602572400"; d="scan'208";a="429144312" Received: from ymachlev-mobl1.ger.corp.intel.com (HELO outtakka.ger.corp.intel.com) ([10.214.244.152]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Jan 2021 22:39:44 -0800 From: Mikko Ylinen To: kpsingh@kernel.org Cc: bpf@vger.kernel.org, daniel@iogearbox.net, kpsingh@google.com, linux-kernel@vger.kernel.org, mikko.ylinen@linux.intel.com Subject: [PATCH v2] bpf: Drop disabled LSM hooks from the sleepable set Date: Mon, 25 Jan 2021 08:39:36 +0200 Message-Id: <20210125063936.89365-1-mikko.ylinen@linux.intel.com> X-Mailer: git-send-email 2.30.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Some networking and keys LSM hooks are conditionally enabled and when building the new sleepable BPF LSM hooks with those LSM hooks disabled, the following build error occurs: BTFIDS vmlinux FAILED unresolved symbol bpf_lsm_socket_socketpair To fix the error, conditionally add the relevant networking/keys LSM hooks to the sleepable set. Fixes: 423f16108c9d8 ("bpf: Augment the set of sleepable LSM hooks") Signed-off-by: Mikko Ylinen --- kernel/bpf/bpf_lsm.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/kernel/bpf/bpf_lsm.c b/kernel/bpf/bpf_lsm.c index 70e5e0b6d69d..1622a44d1617 100644 --- a/kernel/bpf/bpf_lsm.c +++ b/kernel/bpf/bpf_lsm.c @@ -149,7 +149,11 @@ BTF_ID(func, bpf_lsm_file_ioctl) BTF_ID(func, bpf_lsm_file_lock) BTF_ID(func, bpf_lsm_file_open) BTF_ID(func, bpf_lsm_file_receive) + +#ifdef CONFIG_SECURITY_NETWORK BTF_ID(func, bpf_lsm_inet_conn_established) +#endif /* CONFIG_SECURITY_NETWORK */ + BTF_ID(func, bpf_lsm_inode_create) BTF_ID(func, bpf_lsm_inode_free_security) BTF_ID(func, bpf_lsm_inode_getattr) @@ -166,7 +170,11 @@ BTF_ID(func, bpf_lsm_inode_symlink) BTF_ID(func, bpf_lsm_inode_unlink) BTF_ID(func, bpf_lsm_kernel_module_request) BTF_ID(func, bpf_lsm_kernfs_init_security) + +#ifdef CONFIG_KEYS BTF_ID(func, bpf_lsm_key_free) +#endif /* CONFIG_KEYS */ + BTF_ID(func, bpf_lsm_mmap_file) BTF_ID(func, bpf_lsm_netlink_send) BTF_ID(func, bpf_lsm_path_notify) @@ -181,6 +189,8 @@ BTF_ID(func, bpf_lsm_sb_show_options) BTF_ID(func, bpf_lsm_sb_statfs) BTF_ID(func, bpf_lsm_sb_umount) BTF_ID(func, bpf_lsm_settime) + +#ifdef CONFIG_SECURITY_NETWORK BTF_ID(func, bpf_lsm_socket_accept) BTF_ID(func, bpf_lsm_socket_bind) BTF_ID(func, bpf_lsm_socket_connect) @@ -195,6 +205,8 @@ BTF_ID(func, bpf_lsm_socket_recvmsg) BTF_ID(func, bpf_lsm_socket_sendmsg) BTF_ID(func, bpf_lsm_socket_shutdown) BTF_ID(func, bpf_lsm_socket_socketpair) +#endif /* CONFIG_SECURITY_NETWORK */ + BTF_ID(func, bpf_lsm_syslog) BTF_ID(func, bpf_lsm_task_alloc) BTF_ID(func, bpf_lsm_task_getsecid) -- 2.17.1