On Fri, Apr 11, 2025 at 11:37:25PM +0300, Jarkko Sakkinen wrote:
> On Fri, Apr 11, 2025 at 04:59:11PM +0100, David Howells wrote:
> > Jarkko Sakkinen wrote:
> >
> > > + spin_lock_irqsave(&key_graveyard_lock, flags);
> > > + list_splice_init(&key_graveyard, &graveyard);
> > > + spin_unlock_irqrest
On Fri, Apr 11, 2025 at 5:30 PM Matteo Croce wrote:
>
> Il giorno sab 12 apr 2025 alle ore 02:19 Alexei Starovoitov
> ha scritto:
>
> Similar to what I proposed here?
>
> https://lore.kernel.org/bpf/20211203191844.69709-2-mcr...@linux.microsoft.com/
...
> @@ -1346,6 +1346,8 @@ union bpf_attr {
>
Il giorno sab 12 apr 2025 alle ore 02:19 Alexei Starovoitov
ha scritto:
Similar to what I proposed here?
https://lore.kernel.org/bpf/20211203191844.69709-2-mcr...@linux.microsoft.com/
> The verification of module signatures is a job of the module loading process.
> The same thing should be done
On Fri, Apr 4, 2025 at 2:56 PM Blaise Boscaccy
wrote:
> +
> +static int hornet_find_maps(struct bpf_prog *prog, struct hornet_maps *maps)
> +{
> + struct bpf_insn *insn = prog->insnsi;
> + int insn_cnt = prog->len;
> + int i;
> + int err;
> +
> + for (i = 0; i < insn_
On Apr 4, 2025 Blaise Boscaccy wrote:
>
> This adds the Hornet Linux Security Module which provides signature
> verification of eBPF programs. This allows users to continue to
> maintain an invariant that all code running inside of the kernel has
> been signed.
>
> The primary target for signat
On Fri, Apr 11, 2025 at 11:37:25PM +0300, Jarkko Sakkinen wrote:
> > This is going to enable and disable interrupts twice and that can be
> > expensive, depending on the arch. I wonder if it would be better to do:
> >
> > local_irq_save(flags);
> > spin_loc
On Fri, Apr 11, 2025 at 04:59:11PM +0100, David Howells wrote:
> Jarkko Sakkinen wrote:
>
> > + spin_lock_irqsave(&key_graveyard_lock, flags);
> > + list_splice_init(&key_graveyard, &graveyard);
> > + spin_unlock_irqrestore(&key_graveyard_lock, flags);
>
> I would wrap this bit in a check
On 2025-04-04 14:54:50, Blaise Boscaccy wrote:
> +static int hornet_verify_lskel(struct bpf_prog *prog, struct hornet_maps
> *maps,
> +void *sig, size_t sig_len)
> +{
> + int fd;
> + u32 i;
> + void *buf;
> + void *new;
> + size_t buf_sz;
> + str
Jarkko Sakkinen wrote:
> + spin_lock_irqsave(&key_graveyard_lock, flags);
> + list_splice_init(&key_graveyard, &graveyard);
> + spin_unlock_irqrestore(&key_graveyard_lock, flags);
I would wrap this bit in a check to see if key_graveyard is empty so that we
can avoid disabling irqs an
