On Tue, Aug 23, 2022 at 8:02 AM Roberto Sassu roberto.sassu@huaweicloud.com wrote:
From: Roberto Sassu roberto.sassu@huawei.com
Add the bpf_lookup_user_key(), bpf_lookup_system_key() and bpf_key_put() kfuncs, to respectively search a key with a given key handle serial number and flags, obtain a key from a pre-determined ID defined in include/linux/verification.h, and cleanup.
Introduce system_keyring_id_check() to validate the keyring ID parameter of bpf_lookup_system_key().
Signed-off-by: Roberto Sassu roberto.sassu@huawei.com
include/linux/bpf.h | 6 ++ include/linux/verification.h | 8 +++ kernel/trace/bpf_trace.c | 135 +++++++++++++++++++++++++++++++++++ 3 files changed, 149 insertions(+)
diff --git a/include/linux/bpf.h b/include/linux/bpf.h index 6041304b402e..991da09a5858 100644 --- a/include/linux/bpf.h +++ b/include/linux/bpf.h @@ -2586,4 +2586,10 @@ static inline void bpf_cgroup_atype_get(u32 attach_btf_id, int cgroup_atype) {} static inline void bpf_cgroup_atype_put(int cgroup_atype) {} #endif /* CONFIG_BPF_LSM */
+#ifdef CONFIG_KEYS
Do we need to declare struct key here?
+struct bpf_key {
struct key *key;
bool has_ref;
+}; +#endif /* CONFIG_KEYS */ #endif /* _LINUX_BPF_H */