Received: by 2002:a05:6359:322:b0:b3:69d0:12d8 with SMTP id ef34csp318411rwb; Wed, 10 Aug 2022 08:45:33 -0700 (PDT) X-Google-Smtp-Source: AA6agR6UvbcNe01nE6Zv8R0LwKazhFkoQsMmvgBkVVA23Fb4ZwVj8R1nZ6RjXNV2NF/JWd60KAG5 X-Received: by 2002:a63:2021:0:b0:41b:c2e5:f4ab with SMTP id g33-20020a632021000000b0041bc2e5f4abmr23325487pgg.496.1660146332726; Wed, 10 Aug 2022 08:45:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1660146332; cv=none; d=google.com; s=arc-20160816; b=GbSPLnxaAqNenPvwAGHiLDPkUf44hbknIIXXmsLPgdsofIYfcVvNGBnCKlvZM6/WpX TQOqyk/jQTAjRY+pBJppH0VbyDZirNHbcDcD2gWdWxNN/DPxXcHJS7H9FAyZc30UQlyF kvJIW4m6gzUWYzBr/g3CV2HXEgWV6aALBCNPpQlXLgJ3iziyLtjP0pWn8lTrZhmxkO9Y 3GpAODf8lV9gy2jerJZoqDK1tLhUbJYUFvBs0Pzj4GzVHDxr2OEyp+ei5wbt1c53TucI 66xRBKdj8Emurs0EkSCp/KTeU7IvjhN8G703b9y8uHxs7KGo02RzsEkGDxgdjNZ6W7z0 Uxtg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=JclQw4E13yzmmXnMbhOfpf324tn27iWUM61p9riJGW0=; b=TldyPyZFVdVNzoAzTlLDdcwkdFerROrnvIZYUBOcZBK3AT5wpXzXx5pq4kg5B+ckMO uf6FvtVy+EtQZo54mHaeoq/qRDjLkVryJ+spEEXAb05Y874uHUNh+Te/KETyYlfXMom9 03OQB9H6uVmFjN0aaZpziznw1IuQNNRY6lim0j17WU15ocPKEMzja9AKuOTeYqLF4izA eniqcNjfFSkVkHOrovf9Z50bQvMoJBYBa6G6CAWEQGeBzuhfYU5noSOyFl2WRzf4oCiX uO1snPDyXYntKgiMb25Dk0PhlmUTnz+Hc/GIRm9svvnjxTgEA831VP6vCK8LPugjwOEp UpgA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n6-20020a63f806000000b0041bb3b63950si15379390pgh.367.2022.08.10.08.45.15; Wed, 10 Aug 2022 08:45:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232488AbiHJOaW (ORCPT + 99 others); Wed, 10 Aug 2022 10:30:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40124 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232271AbiHJOaP (ORCPT ); Wed, 10 Aug 2022 10:30:15 -0400 Received: from www62.your-server.de (www62.your-server.de [213.133.104.62]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BE7B4B57; Wed, 10 Aug 2022 07:30:13 -0700 (PDT) Received: from sslproxy03.your-server.de ([88.198.220.132]) by www62.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from ) id 1oLmiV-0003ni-HN; Wed, 10 Aug 2022 16:29:51 +0200 Received: from [85.1.206.226] (helo=linux.home) by sslproxy03.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oLmiU-000WMW-Um; Wed, 10 Aug 2022 16:29:50 +0200 Subject: Re: [PATCH v9 06/10] bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs To: Roberto Sassu , "ast@kernel.org" , "andrii@kernel.org" , "martin.lau@linux.dev" , "song@kernel.org" , "yhs@fb.com" , "john.fastabend@gmail.com" , "kpsingh@kernel.org" , "sdf@google.com" , "haoluo@google.com" , "jolsa@kernel.org" , "corbet@lwn.net" , "dhowells@redhat.com" , "jarkko@kernel.org" , "rostedt@goodmis.org" , "mingo@redhat.com" , "paul@paul-moore.com" , "jmorris@namei.org" , "serge@hallyn.com" , "shuah@kernel.org" Cc: "bpf@vger.kernel.org" , "linux-doc@vger.kernel.org" , "keyrings@vger.kernel.org" , "linux-security-module@vger.kernel.org" , "linux-kselftest@vger.kernel.org" , "linux-kernel@vger.kernel.org" References: <20220809134603.1769279-1-roberto.sassu@huawei.com> <20220809134603.1769279-7-roberto.sassu@huawei.com> <2b1d62ad-af4b-4694-ecc8-639fbd821a05@iogearbox.net> From: Daniel Borkmann Message-ID: Date: Wed, 10 Aug 2022 16:29:50 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.103.6/26623/Wed Aug 10 09:55:07 2022) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org [...] >>> +noinline __weak struct bpf_key *bpf_lookup_user_key(u32 serial, u64 flags) >> >> Why the need for noinline and the __weak here and below? (If indeed needed >> this >> should probably be explained in the commit desc.) > > Oh, I took from v3 of KP's patch set. It is gone in v5. Will do > the same as well. > >>> +{ >>> + key_ref_t key_ref; >>> + struct bpf_key *bkey; >>> + >>> + /* Keep in sync with include/linux/key.h. */ >>> + if (flags > (KEY_LOOKUP_PARTIAL << 1) - 1) >> >> Can't we just simplify and test flags & >> ~(KEY_LOOKUP_CREATE|KEY_LOOKUP_PARTIAL)? > > I thought as if we have many flags. I'd keep it simple for now, and if the actual need comes this can still be changed. >>> + return NULL; >>> + >>> + /* Permission check is deferred until actual kfunc using the key. */ >>> + key_ref = lookup_user_key(serial, flags, KEY_DEFER_PERM_CHECK); >>> + if (IS_ERR(key_ref)) >>> + return NULL; >>> + >>> + bkey = kmalloc(sizeof(*bkey), GFP_KERNEL); >>> + if (!bkey) { >>> + key_put(key_ref_to_ptr(key_ref)); >>> + return bkey; >> >> nit: just return NULL probably cleaner > > Ok.