Re: [PATCH bpf-next 2/2] selftests/bpf: Extend test fs_kfuncs to cover security.bpf xattr names

From: Song Liu
Date: Thu Oct 31 2024 - 11:58:12 EST




> On Oct 30, 2024, at 11:56 PM, Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
>
> On Wed, Oct 30, 2024 at 08:44:26PM +0000, Song Liu wrote:
>> Given bpf kfuncs can read user.* xattrs for almost a year now, I think we
>> cannot simply revert it. We already have some users using it.
>>
>> Instead, we can work on a plan to deprecate it. How about we add a
>> WARN_ON_ONCE as part of this patchset, and then remove user.* support
>> after some time?
>
> As Christian mentioned having bpf access to user xattrs is probably
> not a big issue. OTOH anything that makes security decisions based
> on it is probably pretty broken. Not sure how you want to best
> handle that.

Agreed that we really need security.bpf prefix for security use cases.
Reading user.* xattrs could be useful for some tracing use cases. We
may also introduce other prefixes for future use cases.

Thanks,
Song