On Fri, Jul 12, 2024 at 11:56 AM Paul Moore paul@paul-moore.com wrote:
On Thu, Jul 11, 2024 at 7:13 AM Xu Kuohai xukuohai@huaweicloud.com wrote:
From: Xu Kuohai xukuohai@huawei.com
LSM BPF prog returning a positive number attached to the hook file_alloc_security makes kernel panic.
...
Xu Kuohai (20): lsm: Refactor return value of LSM hook vm_enough_memory lsm: Refactor return value of LSM hook inode_need_killpriv lsm: Refactor return value of LSM hook inode_getsecurity lsm: Refactor return value of LSM hook inode_listsecurity lsm: Refactor return value of LSM hook inode_copy_up_xattr lsm: Refactor return value of LSM hook getselfattr lsm: Refactor return value of LSM hook setprocattr lsm: Refactor return value of LSM hook getprocattr lsm: Refactor return value of LSM hook key_getsecurity lsm: Refactor return value of LSM hook audit_rule_match bpf, lsm: Add disabled BPF LSM hook list bpf, lsm: Enable BPF LSM prog to read/write return value parameters bpf, lsm: Add check for BPF LSM return value bpf: Prevent tail call between progs attached to different hooks bpf: Fix compare error in function retval_range_within bpf: Add a special case for bitwise AND on range [-1, 0] selftests/bpf: Avoid load failure for token_lsm.c selftests/bpf: Add return value checks for failed tests selftests/bpf: Add test for lsm tail call selftests/bpf: Add verifier tests for bpf lsm
I'm not quite sure what happened, but it looks like patches 13/20 through 20/20 did not hit the mailing lists, see lore link below; did you have any mail failures when sending the patchset? Regardless, can you sort this out and resend the patchset?
https://lore.kernel.org/all/20240711111908.3817636-1-xukuohai@huaweicloud.co...
Oh wait, it looks like the patchset was split in lore somehow, nevermind. The "missing" patches are here:
https://lore.kernel.org/all/20240711113828.3818398-1-xukuohai@huaweicloud.co...