From: sashiko-bot@kernel.org
To: "Daniel Borkmann" <daniel@iogearbox.net>
Cc: bpf@vger.kernel.org
Subject: Re: [PATCH bpf-next v6 3/8] libbpf: Drop in-loader metadata check for load-time verification
Date: Wed, 08 Jul 2026 08:15:30 +0000 [thread overview]
Message-ID: <20260708081531.37FDE1F000E9@smtp.kernel.org> (raw)
In-Reply-To: <20260708075343.358712-4-daniel@iogearbox.net>
Thank you for your contribution! Sashiko AI review found 2 potential issue(s) to consider:
- [High] bpftool does not include the map contents when generating the PKCS#7 signature, which causes the kernel to always reject signed loaders.
- [High] The `run_gen_loader` function in the selftest does not set `attr.fd_array_cnt`, causing the verifier to reject the loader program with `-EACCES`.
--
--- Patch [3]: [PATCH bpf-next v6 3/8] libbpf: Drop in-loader metadata check for load-time verification ---
commit 7b60178a5e722682c8474b704e91ce40e0fc21ed
Author: Daniel Borkmann <daniel@iogearbox.net>
libbpf: Drop in-loader metadata check for load-time verification
This patch removes the in-BPF verification logic from the signed loader,
relying on the kernel to verify the metadata at BPF_PROG_LOAD time. It
also sets fd_array_cnt in skel_internal.h for signed loads so the kernel
can scan fd_array for the exclusive metadata map.
> libbpf: Drop in-loader metadata check for load-time verification
>
> The signed gen_loader used to police its own metadata map from within
> BPF: emit_signature_match() read the kernel-cached map->sha[] back
> through hardcoded struct bpf_map offsets and compared it against a hash
> that compute_sha_update_offsets() baked into the signed instructions,
> after a BPF_OBJ_GET_INFO_BY_FD round-trip to populate map->sha[].
>
> The kernel now verifies the metadata at BPF_PROG_LOAD time by folding
> the frozen contents of the loader's exclusive fd_array maps into the
> signature, so the loader no longer checks anything itself. Generated
[Severity: High]
Since the kernel now concatenates the map contents to the signed payload
during signature verification in bpf_prog_verify_signature(), does
bpftool need a corresponding update?
Currently, bpftool_prog_sign() in tools/bpf/bpftool/sign.c only signs
the BPF instructions (opts->insns) without including the map contents
(opts->data). Won't this cause the kernel to consistently reject loaders
signed by bpftool with -EKEYREJECTED?
> loaders thus carry no verification logic of their own anymore: Nothing
> in the signing chain depends on emitted loader bytecode doing the right
> thing.
[ ... ]
> diff --git a/tools/lib/bpf/skel_internal.h b/tools/lib/bpf/skel_internal.h
> index 74503d358bc8a..53fee53d36d51 100644
> --- a/tools/lib/bpf/skel_internal.h
> +++ b/tools/lib/bpf/skel_internal.h
[ ... ]
> @@ -400,6 +371,8 @@ static inline int bpf_load_and_run(struct bpf_load_and_run_opts *opts)
> #ifndef __KERNEL__
> attr.signature = (long) opts->signature;
> attr.signature_size = opts->signature_sz;
> + if (opts->signature)
> + attr.fd_array_cnt = 1;
[Severity: High]
Does run_gen_loader() in
tools/testing/selftests/bpf/prog_tests/signed_loader.c need a similar
update to set attr.fd_array_cnt = 1?
Without this, when run_gen_loader() loads the signed program,
fd_array_cnt remains 0. The verifier's fd_array_get_map_idx() will then
see env->signature is set but env->fd_array is missing, which causes
the load to abort with -EACCES and breaks the selftest.
> #else
> if (opts->signature || opts->signature_sz)
> pr_warn("signatures are not supported from bpf_preload\n");
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260708075343.358712-1-daniel@iogearbox.net?part=3
next prev parent reply other threads:[~2026-07-08 8:15 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-08 7:53 [PATCH bpf-next v6 0/8] Verify BPF signed loader at load time Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 1/8] bpf: Resolve and cache fd_array objects " Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 2/8] bpf: Verify signed loader metadata " Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 3/8] libbpf: Drop in-loader metadata check for load-time verification Daniel Borkmann
2026-07-08 8:15 ` sashiko-bot [this message]
2026-07-08 8:20 ` Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 4/8] bpftool: Check EVP_Digest when computing excl_prog_hash Daniel Borkmann
2026-07-08 8:55 ` Quentin Monnet
2026-07-08 7:53 ` [PATCH bpf-next v6 5/8] bpftool: Cover loader metadata with the program signature Daniel Borkmann
2026-07-08 8:55 ` Quentin Monnet
2026-07-08 7:53 ` [PATCH bpf-next v6 6/8] selftests/bpf: Adjust bpf_map layout in verifier_map_ptr Daniel Borkmann
2026-07-08 8:14 ` sashiko-bot
2026-07-08 8:16 ` Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 7/8] selftests/bpf: Verify load-time signed loader metadata Daniel Borkmann
2026-07-08 8:07 ` sashiko-bot
2026-07-08 8:26 ` Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 8/8] Documentation/bpf: Add BPF signing and enforcement doc Daniel Borkmann
2026-07-08 18:30 ` [PATCH bpf-next v6 0/8] Verify BPF signed loader at load time patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260708081531.37FDE1F000E9@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=sashiko-reviews@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.