Introduce a new kfunc bpf_cgroup_read_xattr, which can read xattr from cgroupfs nodes. The primary users are LSMs, cgroup programs, and sched_ext. --- Changes v2 => v3: 1. Make bpf_cgroup_read_xattr available to all program types. 2. Fix gcc build warning on the selftests. 3. Add "ifdef CONFIG_CGROUPS" around bpf_cgroup_read_xattr. v2: https://lore.kernel.org/bpf/20250619220114.3956120-1-song@xxxxxxxxxx/ Changes v1 => v2: 1. Replace 1/4 in v1 with Chritian's version (1/5 in v2). 2. Rename bpf_kernfs_read_xattr => bpf_cgroup_read_xattr, and limit access to cgroup only. 3. Add 5/5, which makes bpf_cgroup_read_xattr available to cgroup and struct_ops programs. v1: https://lore.kernel.org/bpf/20250618233739.189106-1-song@xxxxxxxxxx/ Christian Brauner (1): kernfs: remove iattr_mutex Song Liu (3): bpf: Introduce bpf_cgroup_read_xattr to read xattr of cgroup's node bpf: Mark cgroup_subsys_state->cgroup RCU safe selftests/bpf: Add tests for bpf_cgroup_read_xattr fs/bpf_fs_kfuncs.c | 34 ++++ fs/kernfs/inode.c | 74 ++++---- kernel/bpf/helpers.c | 3 + kernel/bpf/verifier.c | 5 + .../testing/selftests/bpf/bpf_experimental.h | 3 + .../selftests/bpf/prog_tests/cgroup_xattr.c | 145 ++++++++++++++++ .../selftests/bpf/progs/cgroup_read_xattr.c | 158 ++++++++++++++++++ .../selftests/bpf/progs/read_cgroupfs_xattr.c | 60 +++++++ 8 files changed, 448 insertions(+), 34 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/cgroup_xattr.c create mode 100644 tools/testing/selftests/bpf/progs/cgroup_read_xattr.c create mode 100644 tools/testing/selftests/bpf/progs/read_cgroupfs_xattr.c -- 2.47.1
