From: sashiko-bot@kernel.org
To: "Daniel Borkmann" <daniel@iogearbox.net>
Cc: bpf@vger.kernel.org
Subject: Re: [PATCH bpf-next v6 3/8] libbpf: Drop in-loader metadata check for load-time verification
Date: Wed, 08 Jul 2026 08:15:30 +0000 [thread overview]
Message-ID: <20260708081531.37FDE1F000E9@smtp.kernel.org> (raw)
In-Reply-To: <20260708075343.358712-4-daniel@iogearbox.net>
Thank you for your contribution! Sashiko AI review found 2 potential issue(s) to consider:
- [High] bpftool does not include the map contents when generating the PKCS#7 signature, which causes the kernel to always reject signed loaders.
- [High] The `run_gen_loader` function in the selftest does not set `attr.fd_array_cnt`, causing the verifier to reject the loader program with `-EACCES`.
--
--- Patch [3]: [PATCH bpf-next v6 3/8] libbpf: Drop in-loader metadata check for load-time verification ---
commit 7b60178a5e722682c8474b704e91ce40e0fc21ed
Author: Daniel Borkmann <daniel@iogearbox.net>
libbpf: Drop in-loader metadata check for load-time verification
This patch removes the in-BPF verification logic from the signed loader,
relying on the kernel to verify the metadata at BPF_PROG_LOAD time. It
also sets fd_array_cnt in skel_internal.h for signed loads so the kernel
can scan fd_array for the exclusive metadata map.
> libbpf: Drop in-loader metadata check for load-time verification
>
> The signed gen_loader used to police its own metadata map from within
> BPF: emit_signature_match() read the kernel-cached map->sha[] back
> through hardcoded struct bpf_map offsets and compared it against a hash
> that compute_sha_update_offsets() baked into the signed instructions,
> after a BPF_OBJ_GET_INFO_BY_FD round-trip to populate map->sha[].
>
> The kernel now verifies the metadata at BPF_PROG_LOAD time by folding
> the frozen contents of the loader's exclusive fd_array maps into the
> signature, so the loader no longer checks anything itself. Generated
[Severity: High]
Since the kernel now concatenates the map contents to the signed payload
during signature verification in bpf_prog_verify_signature(), does
bpftool need a corresponding update?
Currently, bpftool_prog_sign() in tools/bpf/bpftool/sign.c only signs
the BPF instructions (opts->insns) without including the map contents
(opts->data). Won't this cause the kernel to consistently reject loaders
signed by bpftool with -EKEYREJECTED?
> loaders thus carry no verification logic of their own anymore: Nothing
> in the signing chain depends on emitted loader bytecode doing the right
> thing.
[ ... ]
> diff --git a/tools/lib/bpf/skel_internal.h b/tools/lib/bpf/skel_internal.h
> index 74503d358bc8a..53fee53d36d51 100644
> --- a/tools/lib/bpf/skel_internal.h
> +++ b/tools/lib/bpf/skel_internal.h
[ ... ]
> @@ -400,6 +371,8 @@ static inline int bpf_load_and_run(struct bpf_load_and_run_opts *opts)
> #ifndef __KERNEL__
> attr.signature = (long) opts->signature;
> attr.signature_size = opts->signature_sz;
> + if (opts->signature)
> + attr.fd_array_cnt = 1;
[Severity: High]
Does run_gen_loader() in
tools/testing/selftests/bpf/prog_tests/signed_loader.c need a similar
update to set attr.fd_array_cnt = 1?
Without this, when run_gen_loader() loads the signed program,
fd_array_cnt remains 0. The verifier's fd_array_get_map_idx() will then
see env->signature is set but env->fd_array is missing, which causes
the load to abort with -EACCES and breaks the selftest.
> #else
> if (opts->signature || opts->signature_sz)
> pr_warn("signatures are not supported from bpf_preload\n");
--
Sashiko AI review · https://sashiko.dev/#/patchset/20260708075343.358712-1-daniel@iogearbox.net?part=3
next prev parent reply other threads:[~2026-07-08 8:15 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-08 7:53 [PATCH bpf-next v6 0/8] Verify BPF signed loader at load time Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 1/8] bpf: Resolve and cache fd_array objects " Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 2/8] bpf: Verify signed loader metadata " Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 3/8] libbpf: Drop in-loader metadata check for load-time verification Daniel Borkmann
2026-07-08 8:15 ` sashiko-bot [this message]
2026-07-08 8:20 ` Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 4/8] bpftool: Check EVP_Digest when computing excl_prog_hash Daniel Borkmann
2026-07-08 8:55 ` Quentin Monnet
2026-07-08 7:53 ` [PATCH bpf-next v6 5/8] bpftool: Cover loader metadata with the program signature Daniel Borkmann
2026-07-08 8:55 ` Quentin Monnet
2026-07-08 7:53 ` [PATCH bpf-next v6 6/8] selftests/bpf: Adjust bpf_map layout in verifier_map_ptr Daniel Borkmann
2026-07-08 8:14 ` sashiko-bot
2026-07-08 8:16 ` Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 7/8] selftests/bpf: Verify load-time signed loader metadata Daniel Borkmann
2026-07-08 8:07 ` sashiko-bot
2026-07-08 8:26 ` Daniel Borkmann
2026-07-08 7:53 ` [PATCH bpf-next v6 8/8] Documentation/bpf: Add BPF signing and enforcement doc Daniel Borkmann
2026-07-08 18:30 ` [PATCH bpf-next v6 0/8] Verify BPF signed loader at load time patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260708081531.37FDE1F000E9@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=sashiko-reviews@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox