From: Song Liu
Date: Fri, 26 Aug 2022 00:25:41 -0700
Subject: Re: [PATCH v13 05/10] bpf: Add bpf_lookup_*_key() and bpf_key_put() kfuncs
To: Roberto Sassu
Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Yonghong Song, John Fastabend, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa, Mykola Lysenko, Jonathan Corbet, David Howells, Jarkko Sakkinen, Steven Rostedt, Ingo Molnar, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, Shuah Khan, bpf, Linux Doc Mailing List, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, open list, Daniel Müller, Roberto Sassu
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Aug 26, 2022 at 12:22 AM Roberto Sassu wrote:
>
> On Thu, 2022-08-25 at 22:56 -0700, Song Liu wrote:
> > On Tue, Aug 23, 2022 at 8:02 AM Roberto Sassu
> > wrote:
> > > From: Roberto Sassu
> > >
> > > Add the bpf_lookup_user_key(), bpf_lookup_system_key() and
> > > bpf_key_put()
> > > kfuncs, to respectively search a key with a given key handle serial
> > > number
> > > and flags, obtain a key from a pre-determined ID defined in
> > > include/linux/verification.h, and cleanup.
> > >
> > > Introduce system_keyring_id_check() to validate the keyring ID
> > > parameter of
> > > bpf_lookup_system_key().
> > > > > > Signed-off-by: Roberto Sassu > > > --- > > > include/linux/bpf.h | 6 ++ > > > include/linux/verification.h | 8 +++ > > > kernel/trace/bpf_trace.c | 135 > > > +++++++++++++++++++++++++++++++++++ > > > 3 files changed, 149 insertions(+) > > > > > > diff --git a/include/linux/bpf.h b/include/linux/bpf.h > > > index 6041304b402e..991da09a5858 100644 > > > --- a/include/linux/bpf.h > > > +++ b/include/linux/bpf.h > > > @@ -2586,4 +2586,10 @@ static inline void bpf_cgroup_atype_get(u32 > > > attach_btf_id, int cgroup_atype) {} > > > static inline void bpf_cgroup_atype_put(int cgroup_atype) {} > > > #endif /* CONFIG_BPF_LSM */ > > > > > > +#ifdef CONFIG_KEYS > > > > Do we need to declare struct key here? > > > > > +struct bpf_key { > > > + struct key *key; > > > + bool has_ref; > > > +}; > > > +#endif /* CONFIG_KEYS */ > > > #endif /* _LINUX_BPF_H */ > > > > > If there is a better place, I will move there. I guess you misunderstood. I meant we need struct key; struct bpf_key { struct key *key; bool has_ref; }; Otherwise, we may get some warning with certain config. Thanks, Song
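
Review bot: in the include/linux/bpf.h hunk, struct bpf_key is defined with a struct key * member, but the visible lines add neither a forward declaration nor an include for struct key, so the header depends on whatever its includers happened to pull in first. Adding "struct key;" directly above the definition, inside the same #ifdef CONFIG_KEYS block, makes it self-contained. The has_ref field also carries no comment: a line stating which of the lookup kfuncs sets it and what bpf_key_put() does when it is false would make the reference ownership of the wrapped key explicit to callers reading the header.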