Re: [PATCH 1/2] bpf: classify block device hooks appropriately

Next message: Chris Fenner: "Re: [PATCH v9 01/11] KEYS: trusted: Use get_random-fallback for TPM"
Previous message: Jan Kiszka: "Re: [PATCH] cpupower: Add support for setting EPP via systemd service"
In reply to: Christian Brauner: "[PATCH 1/2] bpf: classify block device hooks appropriately"
Next in thread: Christian Brauner: "Re: [PATCH 1/2] bpf: classify block device hooks appropriately"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Christoph Hellwig

Date: Fri Feb 20 2026 - 13:28:41 EST

On Fri, Feb 20, 2026 at 06:48:48PM +0100, Christian Brauner wrote:
> A bunch of new hooks for managing block devices were added a while ago
> but they weren't actually appropriately classified.

>
> * bpf_lsm_bdev_alloc() is called when the inode for the block
> device is allocated. This happens from a sleepable context so mark the
> function as sleepable. When this function is called the memory for the
> block device storage embedded into the inode is zeroed. That block
> device cannot be meaningfully reference or interacted with at this
> point. So mark it as untrusted for now.
>
> * bpf_lsm_bdev_free() is called when the inode for the block
> device is freed. A bunch of memory associated with the block device
> has already been freed and there's dangling pointers in there. So mark
> it as untrusted. It cannot be meaningfully referenced or interacted
> with anymore. It is also called from sb->s_op->free_inode:: which
> means it runs in rcu context (most of the times). So leave it as
> non-sleepable.

How did this even get added? None of this should be of any business
to LSM hooks :(