On Wed, Jul 30, 2025 at 12:59 AM Fan Wu <wufan@xxxxxxxxxx> wrote:
>
> On Mon, Jul 21, 2025 at 2:35 PM KP Singh <kpsingh@xxxxxxxxxx> wrote:
> >
> > Exclusive maps allow maps to only be accessed by program with a
> > program with a matching hash which is specified in the excl_prog_hash
> > attr.
> >
> > For the signing use-case, this allows the trusted loader program
> > to load the map and verify the integrity
> >
> > Signed-off-by: KP Singh <kpsingh@xxxxxxxxxx>
> > ---
> > include/linux/bpf.h | 1 +
> > include/uapi/linux/bpf.h | 2 ++
> > kernel/bpf/syscall.c | 32 ++++++++++++++++++++++++++++----
> > kernel/bpf/verifier.c | 6 ++++++
> > tools/include/uapi/linux/bpf.h | 2 ++
> > 5 files changed, 39 insertions(+), 4 deletions(-)
> >
>
> ...
>
> > -static int map_create(union bpf_attr *attr, bool kernel)
> > +static int map_create(union bpf_attr *attr, bpfptr_t uattr)
> > {
> > const struct bpf_map_ops *ops;
> > struct bpf_token *token = NULL;
> > @@ -1527,7 +1528,30 @@ static int map_create(union bpf_attr *attr, bool kernel)
> > attr->btf_vmlinux_value_type_id;
> > }
> >
> > - err = security_bpf_map_create(map, attr, token, kernel);
> > + if (attr->excl_prog_hash) {
> > + bpfptr_t uprog_hash = make_bpfptr(attr->excl_prog_hash, uattr.is_kernel);
> > +
> > + map->excl_prog_sha = kzalloc(SHA256_DIGEST_SIZE, GFP_KERNEL);
> > + if (!map->excl_prog_sha) {
> > + err = -ENOMEM;
> > + goto free_map;
> > + }
> > +
> > + if (attr->excl_prog_hash_size != SHA256_DIGEST_SIZE) {
> > + err = -EINVAL;
> > + goto free_map;
> > + }
>
> Nit: Maybe check the size first to avoid unncessary kzalloc?
Thanks, fixed.
- KP
>
> -Fan
>
> > +
> > + if (copy_from_bpfptr(map->excl_prog_sha, uprog_hash,
> > + SHA256_DIGEST_SIZE)) {
> > + err = -EFAULT;
> > + goto free_map;
> > + }
> > + } else if (attr->excl_prog_hash_size) {
> > + return -EINVAL;
> > + }
> > +
> > + err = security_bpf_map_create(map, attr, token, uattr.is_kernel);
> > if (err)
> > goto free_map_sec;
> >
