Re: [PATCH v3 1/2] bpf: Add bpf_verify_signature() helper

From: Alexei Starovoitov
Date: Fri Jun 10 2022 - 12:30:51 EST

Next message: Pavel Tikhomirov: "[PATCH 0/2] Introduce CABA helper process tree"
Previous message: Yazen Ghannam: "Re: [PATCH 0/3] New SMCA Syndrome registers and FRU Text feature"
In reply to: Alexei Starovoitov: "Re: [PATCH v3 1/2] bpf: Add bpf_verify_signature() helper"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jun 10, 2022 at 6:59 AM Roberto Sassu <roberto.sassu@xxxxxxxxxx> wrote:
> + keyring = (keyring_id == U16_MAX) ?
> + cred->session_keyring : (struct key *)keyring_id;

This is too limiting.
bpf prog should be able to do what *key syscalls can do.
By doing lookup_user_key(id) -> keyring.
Maybe it's ok to have a special reserved id that does
cred->sessions_keyring as a shortcut, but that's an optimization.

Next message: Pavel Tikhomirov: "[PATCH 0/2] Introduce CABA helper process tree"
Previous message: Yazen Ghannam: "Re: [PATCH 0/3] New SMCA Syndrome registers and FRU Text feature"
In reply to: Alexei Starovoitov: "Re: [PATCH v3 1/2] bpf: Add bpf_verify_signature() helper"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]