Hello:
This series was applied to bpf/bpf-next.git (master) by Alexei Starovoitov ast@kernel.org:
On Mon, 10 Mar 2025 15:17:10 -0700 you wrote:
Hello,
While trying to implement an eBPF gatekeeper program, we ran into an issue whereas the LSM hooks are missing some relevant data.
Certain subcommands passed to the bpf() syscall can be invoked from either the kernel or userspace. Additionally, some fields in the bpf_attr struct contain pointers, and depending on where the subcommand was invoked, they could point to either user or kernel memory. One example of this is the bpf_prog_load subcommand and its fd_array. This data is made available and used by the verifier but not made available to the LSM subsystem. This patchset simply exposes that information to applicable LSM hooks.
[...]
Here is the summary with links: - [v7,bpf-next,1/2] security: Propagate caller information in bpf hooks https://git.kernel.org/bpf/bpf-next/c/a8cd03532fc9 - [v7,bpf-next,2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook https://git.kernel.org/bpf/bpf-next/c/f563314d7293
You are awesome, thank you!