This series is a followup of the struct_ops conversion.
Therefore, it is based on top of the for-6.11/bpf branch of the hid.git tree: https://git.kernel.org/pub/scm/linux/kernel/git/hid/hid.git/log/?h=for-6.11/...
The first patch should go in ASAP, it's a fix that was detected by Dan and which is actually breaking some use cases.
The rest is adding new capabilities to HID-BPF: being able to intercept hid_hw_raw_request() and hid_hw_ouptut_report(). Both operations are write operations to the device.
Having those new hooks allows to implement the "firewall" of HID devices: this way a bpf program can selectively authorize an hidraw client to write or not to the device depending on what is requested.
This also allows to completely emulate new behavior: we can now create a "fake" feature on a HID device, and when we receive a request on this feature, we can emulate the answer by either statically answering or even by communicating with the device from bpf, as those new hooks are sleepable.
Last, there is one change in the kfunc hid_bpf_input_report, in which it actually waits for the device to be ready. This will not break any potential users as the function was already declared as sleepable.
Cheers, Benjamin
Signed-off-by: Benjamin Tissoires bentiss@kernel.org --- Changes in v2: - made use of srcu, for sleepable users - Link to v1: https://lore.kernel.org/r/20240621-hid_hw_req_bpf-v1-0-d7ab8b885a0b@kernel.o...
--- Benjamin Tissoires (13): HID: bpf: fix dispatch_hid_bpf_device_event uninitialized ret value HID: add source argument to HID low level functions HID: bpf: protect HID-BPF prog_list access by a SRCU HID: bpf: add HID-BPF hooks for hid_hw_raw_requests HID: bpf: prevent infinite recursions with hid_hw_raw_requests hooks selftests/hid: add tests for hid_hw_raw_request HID-BPF hooks HID: bpf: add HID-BPF hooks for hid_hw_output_report selftests/hid: add tests for hid_hw_output_report HID-BPF hooks HID: bpf: make hid_bpf_input_report() sleep until the device is ready selftests/hid: add wq test for hid_bpf_input_report() HID: bpf: allow hid_device_event hooks to inject input reports on self selftests/hid: add another test for injecting an event from an event hook selftests/hid: add an infinite loop test for hid_bpf_try_input_report
Documentation/hid/hid-bpf.rst | 2 +- drivers/hid/bpf/hid_bpf_dispatch.c | 165 ++++++++++- drivers/hid/bpf/hid_bpf_dispatch.h | 1 + drivers/hid/bpf/hid_bpf_struct_ops.c | 6 +- drivers/hid/hid-core.c | 118 +++++--- drivers/hid/hidraw.c | 10 +- include/linux/hid.h | 7 + include/linux/hid_bpf.h | 80 ++++- tools/testing/selftests/hid/hid_bpf.c | 326 +++++++++++++++++++++ tools/testing/selftests/hid/progs/hid.c | 292 ++++++++++++++++++ .../testing/selftests/hid/progs/hid_bpf_helpers.h | 13 + 11 files changed, 955 insertions(+), 65 deletions(-) --- base-commit: 33c0fb85b571b0f1bbdbf466e770eebeb29e6f41 change-id: 20240614-hid_hw_req_bpf-df0b95aeb425
Best regards,