Re: [PATCH bpf-next 2/2] selftests/bpf: Extend test fs_kfuncs to cover security.bpf xattr names
From: Christoph Hellwig
Date: Tue Oct 15 2024 - 01:07:18 EST
On Wed, Oct 02, 2024 at 02:46:37PM -0700, Song Liu wrote:
> Extend test_progs fs_kfuncs to cover different xattr names. Specifically:
> xattr name "user.kfuncs", "security.bpf", and "security.bpf.xxx" can be
> read from BPF program with kfuncs bpf_get_[file|dentry]_xattr(); while
> "security.bpfxxx" and "security.selinux" cannot be read.
So you read code from untrusted user.* xattrs? How can you carve out
that space and not known any pre-existing userspace cod uses kfuncs
for it's own purpose?