From: Song Liu <song@kernel.org>
To: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Cc: bpf <bpf@vger.kernel.org>,
LSM List <linux-security-module@vger.kernel.org>,
Linux-Fsdevel <linux-fsdevel@vger.kernel.org>,
fsverity@lists.linux.dev, Eric Biggers <ebiggers@kernel.org>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>,
Martin KaFai Lau <martin.lau@linux.dev>,
Christian Brauner <brauner@kernel.org>,
Alexander Viro <viro@zeniv.linux.org.uk>,
Casey Schaufler <casey@schaufler-ca.com>,
Amir Goldstein <amir73il@gmail.com>,
KP Singh <kpsingh@kernel.org>,
Roberto Sassu <roberto.sassu@huawei.com>,
Kernel Team <kernel-team@meta.com>
Subject: Re: [PATCH v14 bpf-next 6/6] selftests/bpf: Add test that uses fsverity and xattr to sign a file
Date: Wed, 29 Nov 2023 09:58:07 -0800 [thread overview]
Message-ID: <CAPhsuW4aOLb9sPBF69r8Sd=nR+En17XswfP==En-sZJ8rNd8Zg@mail.gmail.com> (raw)
In-Reply-To: <CAPhsuW7xGNybcovxTO+T_R7FqYpPvU7J1EX2OCOfbtASRG9yAg@mail.gmail.com>
On Wed, Nov 29, 2023 at 9:13 AM Song Liu <song@kernel.org> wrote:
>
> On Wed, Nov 29, 2023 at 6:56 AM Alexei Starovoitov
> <alexei.starovoitov@gmail.com> wrote:
> >
> > On Wed, Nov 29, 2023 at 3:20 AM Song Liu <song@kernel.org> wrote:
> > >
> > > On Tue, Nov 28, 2023 at 10:47 PM Alexei Starovoitov
> > > <alexei.starovoitov@gmail.com> wrote:
> > > >
> > > > On Tue, Nov 28, 2023 at 4:37 PM Song Liu <song@kernel.org> wrote:
> > > > > +char digest[MAGIC_SIZE + sizeof(struct fsverity_digest) + SHA256_DIGEST_SIZE];
> > > >
> > > > when vmlinux is built without CONFIG_FS_VERITY the above fails
> > > > in a weird way:
> > > > CLNG-BPF [test_maps] test_sig_in_xattr.bpf.o
> > > > progs/test_sig_in_xattr.c:36:26: error: invalid application of
> > > > 'sizeof' to an incomplete type 'struct fsverity_digest'
> > > > 36 | char digest[MAGIC_SIZE + sizeof(struct fsverity_digest) +
> > > > SHA256_DIGEST_SIZE];
> > > > | ^ ~~~~~~~~~~~~~~~~~~~~~~~~
> > > >
> > > > Is there a way to somehow print a hint during the build what
> > > > configs users need to enable to pass the build ?
> > >
> > > Patch 5/6 added CONFIG_FS_VERITY to tools/testing/selftests/bpf/config.
> > > This is a more general question for all required CONFIG_* specified in the
> > > file (and the config files for other selftests).
> > >
> > > In selftests/bpf/Makefile, we have logic to find vmlinux. We can add similar
> > > logic to find .config used to build the vmlinux, and grep for each required
> > > CONFIG_* from the .config file. Does this sound like a viable solution?
> >
> > No need for new logic to parse .config.
> > libbpf does it already and
> > extern bool CONFIG_FS_VERITY __kconfig __weak;
> > works.
> >
> > Since you hard code MAGIC_SIZE anyway I'm asking
> > to hard code sizeof(struct fsverity_digest) as well, since the bpf prog
> > doesn't access it directly. It only needs to know its size.
> >
> > While inside:
> > int BPF_PROG(test_file_open, struct file *f)
> > {
> > if (!CONFIG_FS_VERITY) {
> > skip_fs_verity_test = true;
> > return 0;
> > }
> >
> > and report it as a clean error message in test_progs.
>
> Yeah, this makes sense. Let me update the tests.
Actually, it is easier. We already have skip-test logic for cases
where FS verity is not supported (as we need to enable it in
vmlinux and enable it per filesystem). So we only need to hard
code sizeof(struct fsverity_digest).
Thanks,
Song
next prev parent reply other threads:[~2023-11-29 17:58 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-29 0:36 [PATCH v14 bpf-next 0/6] bpf: File verification with LSM and fsverity Song Liu
2023-11-29 0:36 ` [PATCH v14 bpf-next 1/6] bpf: Add kfunc bpf_get_file_xattr Song Liu
2023-11-29 16:06 ` KP Singh
2023-11-29 0:36 ` [PATCH v14 bpf-next 2/6] bpf, fsverity: Add kfunc bpf_get_fsverity_digest Song Liu
2023-11-29 0:36 ` [PATCH v14 bpf-next 3/6] Documentation/bpf: Add documentation for filesystem kfuncs Song Liu
2023-11-29 0:36 ` [PATCH v14 bpf-next 4/6] selftests/bpf: Sort config in alphabetic order Song Liu
2023-11-29 0:36 ` [PATCH v14 bpf-next 5/6] selftests/bpf: Add tests for filesystem kfuncs Song Liu
2023-11-29 0:36 ` [PATCH v14 bpf-next 6/6] selftests/bpf: Add test that uses fsverity and xattr to sign a file Song Liu
2023-11-29 6:47 ` Alexei Starovoitov
2023-11-29 11:20 ` Song Liu
2023-11-29 14:55 ` Alexei Starovoitov
2023-11-29 17:13 ` Song Liu
2023-11-29 17:58 ` Song Liu [this message]
2023-11-30 4:02 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAPhsuW4aOLb9sPBF69r8Sd=nR+En17XswfP==En-sZJ8rNd8Zg@mail.gmail.com' \
--to=song@kernel.org \
--cc=alexei.starovoitov@gmail.com \
--cc=amir73il@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=brauner@kernel.org \
--cc=casey@schaufler-ca.com \
--cc=daniel@iogearbox.net \
--cc=ebiggers@kernel.org \
--cc=fsverity@lists.linux.dev \
--cc=kernel-team@meta.com \
--cc=kpsingh@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=roberto.sassu@huawei.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).