From: KP Singh <kpsingh@chromium.org>
To: Martin KaFai Lau <kafai@fb.com>
Cc: linux-kernel@vger.kernel.org, bpf@vger.kernel.org,
linux-security-module@vger.kernel.org,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Paul Turner <pjt@google.com>, Jann Horn <jannh@google.com>,
Florent Revest <revest@chromium.org>
Subject: Re: [PATCH bpf-next v8 6/7] bpf: Allow local storage to be used from LSM programs
Date: Wed, 19 Aug 2020 15:01:17 +0200 [thread overview]
Message-ID: <87e6c97f-5d72-ddb9-331a-4a79ccab11c1@chromium.org> (raw)
In-Reply-To: <20200818041638.2dv5cewlgwerd7hm@kafai-mbp.dhcp.thefacebook.com>
On 8/18/20 6:16 AM, Martin KaFai Lau wrote:
> On Mon, Aug 03, 2020 at 06:46:54PM +0200, KP Singh wrote:
>> From: KP Singh <kpsingh@google.com>
>>
>> Adds support for both bpf_{sk, inode}_storage_{get, delete} to be used
>> in LSM programs. These helpers are not used for tracing programs
[...]
>> @@ -2823,6 +2823,10 @@ union bpf_attr {
>> * "type". The bpf-local-storage "type" (i.e. the *map*) is
>> * searched against all bpf-local-storages residing at *sk*.
>> *
>> + * For socket programs, *sk* should be a **struct bpf_sock** pointer
>> + * and an **ARG_PTR_TO_BTF_ID** of type **struct sock** for LSM
>> + * programs.
> I found it a little vague on what "socket programs" is. May be:
>
> *sk* is a kernel **struct sock** pointer for LSM program.
> *sk* is a **struct bpf_sock** pointer for other program types.
This is better, Thanks!
- KP
>
> Others LGTM
>
> Acked-by: Martin KaFai Lau <kafai@fb.com>
>
next prev parent reply other threads:[~2020-08-19 13:04 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-03 16:46 [PATCH bpf-next v8 0/7] Generalizing bpf_local_storage KP Singh
2020-08-03 16:46 ` [PATCH bpf-next v8 1/7] A purely mechanical change to split the renaming from the actual generalization KP Singh
2020-08-17 23:56 ` Martin KaFai Lau
2020-08-18 14:30 ` KP Singh
2020-08-03 16:46 ` [PATCH bpf-next v8 2/7] bpf: Generalize caching for sk_storage KP Singh
2020-08-17 23:57 ` Martin KaFai Lau
2020-08-03 16:46 ` [PATCH bpf-next v8 3/7] bpf: Generalize bpf_sk_storage KP Singh
2020-08-18 1:05 ` Martin KaFai Lau
2020-08-19 12:41 ` KP Singh
2020-08-19 17:12 ` Martin KaFai Lau
2020-08-19 22:19 ` KP Singh
2020-08-03 16:46 ` [PATCH bpf-next v8 4/7] bpf: Split bpf_local_storage to bpf_sk_storage KP Singh
2020-08-03 16:46 ` [PATCH bpf-next v8 5/7] bpf: Implement bpf_local_storage for inodes KP Singh
2020-08-18 1:27 ` Martin KaFai Lau
2020-08-18 15:10 ` KP Singh
2020-08-18 15:23 ` Martin KaFai Lau
2020-08-18 15:33 ` KP Singh
2020-08-03 16:46 ` [PATCH bpf-next v8 6/7] bpf: Allow local storage to be used from LSM programs KP Singh
2020-08-18 4:16 ` Martin KaFai Lau
2020-08-19 13:01 ` KP Singh [this message]
2020-08-03 16:46 ` [PATCH bpf-next v8 7/7] bpf: Add selftests for local_storage KP Singh
2020-08-03 17:46 ` [PATCH bpf-next v8 0/7] Generalizing bpf_local_storage KP Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87e6c97f-5d72-ddb9-331a-4a79ccab11c1@chromium.org \
--to=kpsingh@chromium.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jannh@google.com \
--cc=kafai@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=pjt@google.com \
--cc=revest@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.