Re: [PATCH] Add LoadPin support for eBPF program loading

Next message: patchwork-bot+netdevbpf: "Re: [pull-request] NFC updates for net-next 2026-06-11"
Previous message: Ed Tsai (&#x8521;&#x5B97;&#x8ED2;): "Re: [PATCH v2 0/3] ufs: Add callback for vendor-specific RTT capability"
In reply to: Alex Roberts via B4 Relay: "[PATCH] Add LoadPin support for eBPF program loading"
Next in thread: Alexei Starovoitov: "Re: [PATCH] Add LoadPin support for eBPF program loading"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Windsor

Date: Thu Jun 11 2026 - 20:08:44 EST

On Thu, Jun 11, 2026 at 01:59:10PM -0500, Alex Roberts wrote:
> +static int loadpin_bpf_prog_load(struct bpf_prog *prog, union bpf_attr *attr,
> + struct bpf_token *token, bool is_kernel)
> +{
> + int res = 0;
> + struct file *exe_file = NULL;
> + struct mm_struct *mm = current->mm;
> +
> + if (is_kernel || !mm)
> + return 0;
> +
> + exe_file = get_mm_exe_file(mm);
> + if (!exe_file)
> + return 0;
> +
> + res = loadpin_check(exe_file, READING_EBPF);

Why are we checking current here? IIUC this will be whoever calls
bpf(2), which would be the loader, which would then be able to load bpf
programs from an untrusted source.

In the kmod case loadpin_check() sees the .ko itself.