From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Daniel Borkmann , Andrii Nakryiko Subject: [PATCH 5.10 04/19] bpf: Add _kernel suffix to internal lockdown_bpf_read Date: Fri, 13 Aug 2021 17:07:21 +0200 Message-Id: <20210813150522.774143311@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210813150522.623322501@linuxfoundation.org> References: <20210813150522.623322501@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Daniel Borkmann commit 71330842ff93ae67a066c1fa68d75672527312fa upstream. Rename LOCKDOWN_BPF_READ into LOCKDOWN_BPF_READ_KERNEL so we have naming more consistent with a LOCKDOWN_BPF_WRITE_USER option that we are adding. Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Signed-off-by: Greg Kroah-Hartman
---
 include/linux/security.h | 2 +-
 kernel/bpf/helpers.c | 4 ++--
 kernel/trace/bpf_trace.c | 8 ++++----
 security/security.c | 2 +-
 4 files changed, 8 insertions(+), 8 deletions(-)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -123,7 +123,7 @@ enum lockdown_reason {
 LOCKDOWN_INTEGRITY_MAX,
 LOCKDOWN_KCORE,
 LOCKDOWN_KPROBES,
- LOCKDOWN_BPF_READ,
+ LOCKDOWN_BPF_READ_KERNEL,
 LOCKDOWN_PERF,
 LOCKDOWN_TRACEFS,
 LOCKDOWN_XMON_RW,
--- a/kernel/bpf/helpers.c
+++ b/kernel/bpf/helpers.c
@@ -729,12 +729,12 @@ bpf_base_func_proto(enum bpf_func_id fun
 case BPF_FUNC_probe_read_user:
 return &bpf_probe_read_user_proto;
 case BPF_FUNC_probe_read_kernel:
- return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
+ return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
 NULL : &bpf_probe_read_kernel_proto;
 case BPF_FUNC_probe_read_user_str:
 return &bpf_probe_read_user_str_proto;
 case BPF_FUNC_probe_read_kernel_str:
- return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
+ return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
 NULL : &bpf_probe_read_kernel_str_proto;
 case BPF_FUNC_snprintf_btf:
 return &bpf_snprintf_btf_proto;
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -1281,19 +1281,19 @@ bpf_tracing_func_proto(enum bpf_func_id
 case BPF_FUNC_probe_read_user:
 return &bpf_probe_read_user_proto;
 case BPF_FUNC_probe_read_kernel:
- return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
+ return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
 NULL : &bpf_probe_read_kernel_proto;
 case BPF_FUNC_probe_read_user_str:
 return &bpf_probe_read_user_str_proto;
 case BPF_FUNC_probe_read_kernel_str:
- return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
+ return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
 NULL : &bpf_probe_read_kernel_str_proto;
 #ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
 case BPF_FUNC_probe_read:
- return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
+ return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
 NULL : &bpf_probe_read_compat_proto;
 case BPF_FUNC_probe_read_str:
- return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
+ return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
 NULL : &bpf_probe_read_compat_str_proto;
 #endif
 #ifdef CONFIG_CGROUPS
--- a/security/security.c
+++ b/security/security.c
@@ -61,7 +61,7 @@ const char *const lockdown_reasons[LOCKD
 [LOCKDOWN_INTEGRITY_MAX] = "integrity",
 [LOCKDOWN_KCORE] = "/proc/kcore access",
 [LOCKDOWN_KPROBES] = "use of kprobes",
- [LOCKDOWN_BPF_READ] = "use of bpf to read kernel RAM",
+ [LOCKDOWN_BPF_READ_KERNEL] = "use of bpf to read kernel RAM",
 [LOCKDOWN_PERF] = "unsafe use of perf",
 [LOCKDOWN_TRACEFS] = "use of tracefs",
 [LOCKDOWN_XMON_RW] = "xmon read and write access",