From: KP Singh <kpsingh@kernel.org>
To: linux-security-module@vger.kernel.org, bpf@vger.kernel.org
Cc: ast@kernel.org, daniel@iogearbox.net, memxor@gmail.com,
James.Bottomley@HansenPartnership.com, paul@paul-moore.com
Subject: [PATCH bpf-next 00/13] Signed BPF + IPE Policies
Date: Fri, 22 May 2026 04:32:20 +0200 [thread overview]
Message-ID: <20260522023234.3778588-1-kpsingh@kernel.org> (raw)
This series continues the "Signed BPF programs" work and adds
the missing pieces needed for an LSM to do policy enforcement
and addresses the concerns raised by the developers of Hornet.
One signing scheme, please.
BPF does not need a second signing scheme. It needs a policy
framework that consumes the verdict the existing signing pipeline
produces. Two parallel signing stacks is harmful UX for Cilium,
bpftrace, systemd, distros, and everyone shipping signed lskels.
Hornet has been NACK'd repeatedly by the BPF maintainers [1][2]
on layering and TOCTOU grounds.
What this series adds
- prog->aux->sig (verdict + keyring) and prog->aux->is_kernel,
populated by the syscall path before security_bpf_prog_load
fires.
- bpf_loader_verify_metadata kfunc -- the metadata check is now
kernel C code, not BPF bytecode. The verifier injects the
calling prog->aux as an implicit argument via KF_IMPLICIT_ARGS.
- Loader-side prog BTF with BPF_PSEUDO_KFUNC_CALL_PROG_BTF so
the kfunc CALL is reproducible across build hosts and resolved
at load time.
- security_bpf_prog_load_post_integrity LSM hook, fired by the
kfunc on a successful metadata check.
- IPE properties (bpf_signature, bpf_keyring, bpf_kernel) and
two ops (BPF_PROG_LOAD, BPF_PROG_LOAD_POST_INTEGRITY).
This series address concerns raised by the Hornet developers:
* The metadata hash check should be in kernel C, not BPF
bytecode -- Blaise Boscaccy [3]:
The bpf_loader_verify_metadata kfunc moves the hash check from
inline BPF instructions into kernel C code.
* LSMs cannot observe the verification result at hook time --
Paul Moore [4]:
prog->aux->sig.verdict and sig.keyring are populated before any
LSM hook runs. Furthermore, security_bpf_prog_load_post_integrity
hook fires after the in-kernel hash check for consumers that want
to observe or gate the post-integrity transition.
[1] Alexei Starovoitov, NACK on Hornet (TOCTOU + layering),
https://lore.kernel.org/all/CAADnVQJ1CRvTXBU771KaYzrx-vRaWF+k164DcFOqOsCxmuL+ig@mail.gmail.com/
[2] Daniel Borkmann, NACK on Hornet v3,
https://lore.kernel.org/all/798dba24-b5a7-4584-a1f6-793883fe9b5e@iogearbox.net/
[3] Blaise Boscaccy, Hornet v6 (C-side hash verification rationale),
https://lore.kernel.org/all/20260429191431.2345448-1-bboscaccy@linux.microsoft.com/
[4] Paul Moore, push for post-verifier observability,
https://lore.kernel.org/all/CACYkzJ4+=3owK+ELD9Nw7Rrm-UajxXEw8kVtOTJJ+SNAXpsOpw@mail.gmail.com/
KP Singh (13):
bpf: expose signature verdict to LSMs via bpf_prog_aux
bpf: include prog BTF in the signed loader signature scope
bpf, libbpf: load prog BTF in the skel_internal loader
bpf: add bpf_loader_verify_metadata kfunc
bpf: compute prog->digest at BPF_PROG_LOAD entry
bpf: resolve loader-style kfunc CALLs against prog BTF
libbpf: generate prog BTF for loader programs
bpftool gen: embed loader prog BTF in the lskel header
lsm: add bpf_prog_load_post_integrity hook
bpf: invoke security_bpf_prog_load_post_integrity from the metadata
kfunc
ipe: add BPF program signature properties
ipe: gate post-integrity BPF program loads
selftests/bpf: add IPE BPF policy integration tests
include/linux/bpf.h | 19 +++
include/linux/bpf_verifier.h | 6 +
include/linux/btf.h | 1 +
include/linux/lsm_hook_defs.h | 1 +
include/linux/security.h | 6 +
include/uapi/linux/bpf.h | 5 +
kernel/bpf/btf.c | 8 +
kernel/bpf/check_btf.c | 18 +-
kernel/bpf/helpers.c | 65 ++++++++
kernel/bpf/syscall.c | 76 ++++++++-
kernel/bpf/verifier.c | 58 ++++++-
security/ipe/Kconfig | 14 ++
security/ipe/audit.c | 13 ++
security/ipe/eval.c | 57 +++++++
security/ipe/eval.h | 5 +
security/ipe/hooks.c | 42 +++++
security/ipe/hooks.h | 9 +
security/ipe/ipe.c | 4 +
security/ipe/policy.h | 11 ++
security/ipe/policy_parser.c | 20 +++
security/security.c | 17 ++
tools/bpf/bpftool/gen.c | 21 +++
tools/bpf/bpftool/sign.c | 17 +-
tools/include/uapi/linux/bpf.h | 5 +
tools/lib/bpf/bpf_gen_internal.h | 2 +
tools/lib/bpf/gen_loader.c | 127 +++++++++++---
tools/lib/bpf/libbpf.h | 4 +-
tools/lib/bpf/skel_internal.h | 67 +++++---
.../selftests/bpf/test_signed_bpf_ipe.sh | 156 ++++++++++++++++++
tools/testing/selftests/bpf/vmtest.sh | 4 +-
30 files changed, 775 insertions(+), 83 deletions(-)
create mode 100755 tools/testing/selftests/bpf/test_signed_bpf_ipe.sh
--
2.53.0
next reply other threads:[~2026-05-22 2:32 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-22 2:32 KP Singh [this message]
2026-05-22 2:32 ` [PATCH bpf-next 01/13] bpf: expose signature verdict to LSMs via bpf_prog_aux KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 02/13] bpf: include prog BTF in the signed loader signature scope KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 03/13] bpf, libbpf: load prog BTF in the skel_internal loader KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 04/13] bpf: add bpf_loader_verify_metadata kfunc KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 05/13] bpf: compute prog->digest at BPF_PROG_LOAD entry KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 06/13] bpf: resolve loader-style kfunc CALLs against prog BTF KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 07/13] libbpf: generate prog BTF for loader programs KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 08/13] bpftool gen: embed loader prog BTF in the lskel header KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 09/13] lsm: add bpf_prog_load_post_integrity hook KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 10/13] bpf: invoke security_bpf_prog_load_post_integrity from the metadata kfunc KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 11/13] ipe: add BPF program signature properties KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 12/13] ipe: gate post-integrity BPF program loads KP Singh
2026-05-22 2:32 ` [PATCH bpf-next 13/13] selftests/bpf: add IPE BPF policy integration tests KP Singh
2026-05-22 18:56 ` [PATCH bpf-next 00/13] Signed BPF + IPE Policies Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260522023234.3778588-1-kpsingh@kernel.org \
--to=kpsingh@kernel.org \
--cc=James.Bottomley@HansenPartnership.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=linux-security-module@vger.kernel.org \
--cc=memxor@gmail.com \
--cc=paul@paul-moore.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox