Re: [PATCH 2/3] security: bpf: Add eBPF LSM hooks and security field to eBPF map

2017-09-05 Thread Alexei Starovoitov
On Tue, Sep 05, 2017 at 02:59:38PM -0700, Chenbo Feng wrote: > On Thu, Aug 31, 2017 at 7:05 PM, Alexei Starovoitov > wrote: > > On Thu, Aug 31, 2017 at 01:56:34PM -0700, Chenbo Feng wrote: > >> From: Chenbo Feng > >> > >> Introduce a pointer into

Re: [PATCH 2/3] security: bpf: Add eBPF LSM hooks and security field to eBPF map

2017-09-05 Thread Chenbo Feng
On Thu, Aug 31, 2017 at 7:05 PM, Alexei Starovoitov wrote: > On Thu, Aug 31, 2017 at 01:56:34PM -0700, Chenbo Feng wrote: >> From: Chenbo Feng >> >> Introduce a pointer into struct bpf_map to hold the security information >> about the map. The

Re: [PATCH 2/3] security: bpf: Add eBPF LSM hooks and security field to eBPF map

2017-08-31 Thread Jeffrey Vander Stoep
On Thu, Aug 31, 2017 at 7:05 PM, Alexei Starovoitov wrote: > On Thu, Aug 31, 2017 at 01:56:34PM -0700, Chenbo Feng wrote: >> From: Chenbo Feng >> >> Introduce a pointer into struct bpf_map to hold the security information >> about the map. The

Re: [PATCH 2/3] security: bpf: Add eBPF LSM hooks and security field to eBPF map

2017-08-31 Thread Alexei Starovoitov
On Thu, Aug 31, 2017 at 01:56:34PM -0700, Chenbo Feng wrote: > From: Chenbo Feng > > Introduce a pointer into struct bpf_map to hold the security information > about the map. The actual security struct varies based on the security > models implemented. Place the LSM hooks

Re: [PATCH 2/3] security: bpf: Add eBPF LSM hooks and security field to eBPF map

2017-08-31 Thread Chenbo Feng
On Thu, Aug 31, 2017 at 3:38 PM, Daniel Borkmann wrote: > On 08/31/2017 10:56 PM, Chenbo Feng wrote: >> >> From: Chenbo Feng >> >> Introduce a pointer into struct bpf_map to hold the security information >> about the map. The actual security struct varies

Re: [PATCH 2/3] security: bpf: Add eBPF LSM hooks and security field to eBPF map

2017-08-31 Thread Daniel Borkmann
On 08/31/2017 10:56 PM, Chenbo Feng wrote: From: Chenbo Feng Introduce a pointer into struct bpf_map to hold the security information about the map. The actual security struct varies based on the security models implemented. Place the LSM hooks before each of the unrestricted

Re: [PATCH 2/3] security: bpf: Add eBPF LSM hooks and security field to eBPF map

2017-08-31 Thread Chenbo Feng
On Thu, Aug 31, 2017 at 2:17 PM, Mimi Zohar wrote: > On Thu, 2017-08-31 at 13:56 -0700, Chenbo Feng wrote: >> From: Chenbo Feng >> >> Introduce a pointer into struct bpf_map to hold the security information >> about the map. The actual security struct

Re: [PATCH 2/3] security: bpf: Add eBPF LSM hooks and security field to eBPF map

2017-08-31 Thread Mimi Zohar
On Thu, 2017-08-31 at 13:56 -0700, Chenbo Feng wrote: > From: Chenbo Feng > > Introduce a pointer into struct bpf_map to hold the security information > about the map. The actual security struct varies based on the security > models implemented. Place the LSM hooks before each

[PATCH 2/3] security: bpf: Add eBPF LSM hooks and security field to eBPF map

2017-08-31 Thread Chenbo Feng
From: Chenbo Feng Introduce a pointer into struct bpf_map to hold the security information about the map. The actual security struct varies based on the security models implemented. Place the LSM hooks before each of the unrestricted eBPF operations, the map_update_elem and