10 Jun
2022
10 Jun
'22
11:56 p.m.
On Fri, Jun 10, 2022 at 4:53 PM KP Singh kpsingh@kernel.org wrote:
+static const struct bpf_func_proto bpf_verify_signature_proto = {
- .func = bpf_verify_signature,
- .gpl_only = false,
- .ret_type = RET_INTEGER,
- .arg1_type = ARG_PTR_TO_MEM,
- .arg2_type = ARG_CONST_SIZE_OR_ZERO,
Can verify_pkcs7_signature() handle null/0 len for data* args?
Shouldn't ARG_PTR_TO_MEM require valid memory? 0 len should not be a problem.
check_helper_mem_access() has:
/* Allow zero-byte read from NULL, regardless of pointer type */ if (zero_size_allowed && access_size == 0 && register_is_null(reg)) return 0;Daniel, makes a fair point here. Alexei, what do you think?
I wonder if some "future" signature verification would need even more / different arguments so a unified bpf_verify_signature might get more complex / not easy to extend.
You mean a pkcs7 specific helper for now? Makes sense.