* [RFC PATCH] hornet: adjustments for the updated bpf_map_ops::map_get_hash() API
@ 2026-06-02 18:36 Paul Moore
From: Paul Moore @ 2026-06-02 18:36 UTC (permalink / raw)
To: linux-security-module; +Cc: Blaise Boscaccy
Commit c48c3a7e7d5b ("bpf: Drop redundant hash_buf from map_get_hash
operation") changed the map_get_hash() API to only take a single
parameter, the bpf_map instance; this commit updates the Hornet code
accordingly.
Beyond the basic map_get_hash() usage change, this commit also removes
the remaining SHA-256 specific code from Hornet, instead relying on the
size of the bpf_map::sha field to determine the appropriate digest size.
While Hornet remains tied to SHA-256 because it is hardcoded into the
BPF subsystem, the Hornet code itself should now be fairly agile with
respect to hash algorithms. The only area where Hornet does appear to
hardcode a hash algorithm is in the MAP_DIGEST_SIZE macro where the
bpf_map::sha field is referenced, but that is purely a field name and
if the BPF subsystem changes the name to something more generic it will
be easily caught and corrected at build time.
Signed-off-by: Paul Moore <paul@paul-moore.com>
---
security/hornet/hornet_lsm.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/security/hornet/hornet_lsm.c b/security/hornet/hornet_lsm.c
index eeb422db1092..a1cb2e130323 100644
--- a/security/hornet/hornet_lsm.c
+++ b/security/hornet/hornet_lsm.c
@@ -17,16 +17,17 @@
#include <linux/sort.h>
#include <linux/asn1_decoder.h>
#include <linux/oid_registry.h>
+#include <linux/stddef.h>
#include "hornet.asn1.h"
#define MAX_USED_MAPS 64
-/* The only hashing algorithm available is SHA256 due to it be hardcoded
- * in the bpf subsystem.
- */
+/* Use the hash alg hardcoded into the bpf subsystem, currently sha256 */
+#define MAP_DIGEST_SIZE (sizeof_field(struct bpf_map, sha))
+
struct hornet_prog_security_struct {
int signed_hash_count;
- unsigned char signed_hashes[SHA256_DIGEST_SIZE * MAX_USED_MAPS];
+ unsigned char signed_hashes[MAP_DIGEST_SIZE * MAX_USED_MAPS];
};
struct hornet_parse_context {
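Review bot: MAP_DIGEST_SIZE at the `#define` line silently assumes that the digest map_get_hash() writes into bpf_map::sha fills the whole field; if the BPF side ever changed the digest length without resizing that field, the length check in hornet_map_hash() and the memcmp() in hornet_check_prog_maps() would compare bytes that are not part of the digest, and the build-time catch the description relies on only covers a field rename. Extending the comment would record the dependency: `/* Use the hash alg hardcoded into the bpf subsystem, currently sha256; assumes map_get_hash() fills the whole bpf_map::sha field */`. Whether bpf_map::sha is exactly digest-sized is not visible in this hunk.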
@@ -60,12 +61,12 @@ int hornet_map_hash(void *context, size_t hdrlen,
{
struct hornet_parse_context *ctx = (struct hornet_parse_context *)context;
- if (vlen != SHA256_DIGEST_SIZE && vlen != 0)
+ if (vlen != MAP_DIGEST_SIZE && vlen != 0)
return -EINVAL;
if (ctx->security->signed_hash_count >= MAX_USED_MAPS)
return -EINVAL;
- memcpy(&ctx->security->signed_hashes[ctx->security->signed_hash_count * SHA256_DIGEST_SIZE],
+ memcpy(&ctx->security->signed_hashes[ctx->security->signed_hash_count * MAP_DIGEST_SIZE],
value, vlen);
return 0;
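Review bot: The `vlen != 0` escape in the length check still lets a zero-length entry reach the memcpy() below, which then copies nothing and leaves that slot of signed_hashes holding whatever was there before; if the security struct is not zero-allocated (its allocation is outside this hunk) the later memcmp() in hornet_check_prog_maps() would compare a map digest against uninitialized bytes. This predates the patch, but now that the slot width is MAP_DIGEST_SIZE a defensive `if (vlen == 0) memset(&ctx->security->signed_hashes[ctx->security->signed_hash_count * MAP_DIGEST_SIZE], 0, MAP_DIGEST_SIZE);` before the memcpy(), or a comment stating why an empty digest is accepted, would make the intent explicit. hornet_map_hash() starts and ends outside the hunk.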
@@ -188,7 +189,6 @@ static int hornet_bpf_prog_load_integrity(struct bpf_prog *prog, union bpf_attr
static int hornet_check_prog_maps(struct bpf_prog *prog)
{
struct hornet_prog_security_struct *security;
- unsigned char hash[SHA256_DIGEST_SIZE];
struct bpf_map *map;
int i, j;
bool found;
@@ -209,12 +209,12 @@ static int hornet_check_prog_maps(struct bpf_prog *prog)
if (!READ_ONCE(map->frozen) || !map->ops->map_get_hash)
continue;
- if (map->ops->map_get_hash(map, SHA256_DIGEST_SIZE, hash))
+ if (map->ops->map_get_hash(map))
continue;
- if (memcmp(hash,
- &security->signed_hashes[i * SHA256_DIGEST_SIZE],
- SHA256_DIGEST_SIZE) == 0) {
+ if (memcmp(map->sha,
+ &security->signed_hashes[i * MAP_DIGEST_SIZE],
+ MAP_DIGEST_SIZE) == 0) {
found = true;
break;
}
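Review bot: The memcmp() at the new `map->sha` line reads the digest straight out of the shared bpf_map instead of a private copy as before, so it now depends on map_get_hash(map) having fully written map->sha before returning and on nothing rewriting it concurrently; the `READ_ONCE(map->frozen)` test above presumably guarantees the map contents are stable, but whether the hash field is covered by the same rule is not visible here. A short comment would pin that assumption for the next reader: `/* map is frozen, so map->sha as filled by map_get_hash() is stable here */`. hornet_check_prog_maps() starts and ends outside the hunk.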
--
2.54.0
* Re: [RFC PATCH] hornet: adjustments for the updated bpf_map_ops::map_get_hash() API
@ 2026-06-02 19:50 ` Blaise Boscaccy
From: Blaise Boscaccy @ 2026-06-02 19:50 UTC (permalink / raw)
To: Paul Moore, linux-security-module
Paul Moore <paul@paul-moore.com> writes:
> Commit c48c3a7e7d5b ("bpf: Drop redundant hash_buf from map_get_hash
> operation") changed the map_get_hash() API to only take a single
> parameter, the bpf_map instance; this commit updates the Hornet code
> accordingly.
>
> Beyond the basic map_get_hash() usage change, this commit also removes
> the remaining SHA-256 specific code from Hornet, instead relying on the
> size of the bpf_map::sha field to determine the appropriate digest size.
> While Hornet remains tied to SHA-256 because it is hardcoded into the
> BPF subsystem, the Hornet code itself should now be fairly agile with
> respect to hash algorithms. The only area where Hornet does appear to
> hardcode a hash algorithm is in the MAP_DIGEST_SIZE macro where the
> bpf_map::sha field is referenced, but that is purely a field name and
> if the BPF subsystem changes the name to something more generic it will
> be easily caught and corrected at build time.
>
> Signed-off-by: Paul Moore <paul@paul-moore.com>
> ---
> security/hornet/hornet_lsm.c | 22 +++++++++++-----------
> 1 file changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/security/hornet/hornet_lsm.c b/security/hornet/hornet_lsm.c
> index eeb422db1092..a1cb2e130323 100644
> --- a/security/hornet/hornet_lsm.c
> +++ b/security/hornet/hornet_lsm.c
> @@ -17,16 +17,17 @@
> #include <linux/sort.h>
> #include <linux/asn1_decoder.h>
> #include <linux/oid_registry.h>
> +#include <linux/stddef.h>
> #include "hornet.asn1.h"
>
> #define MAX_USED_MAPS 64
>
> -/* The only hashing algorithm available is SHA256 due to it be hardcoded
> - * in the bpf subsystem.
> - */
> +/* Use the hash alg hardcoded into the bpf subsystem, currently sha256 */
> +#define MAP_DIGEST_SIZE (sizeof_field(struct bpf_map, sha))
> +
> struct hornet_prog_security_struct {
> int signed_hash_count;
> - unsigned char signed_hashes[SHA256_DIGEST_SIZE * MAX_USED_MAPS];
> + unsigned char signed_hashes[MAP_DIGEST_SIZE * MAX_USED_MAPS];
> };
>
> struct hornet_parse_context {
> @@ -60,12 +61,12 @@ int hornet_map_hash(void *context, size_t hdrlen,
> {
> struct hornet_parse_context *ctx = (struct hornet_parse_context *)context;
>
> - if (vlen != SHA256_DIGEST_SIZE && vlen != 0)
> + if (vlen != MAP_DIGEST_SIZE && vlen != 0)
> return -EINVAL;
> if (ctx->security->signed_hash_count >= MAX_USED_MAPS)
> return -EINVAL;
>
> - memcpy(&ctx->security->signed_hashes[ctx->security->signed_hash_count * SHA256_DIGEST_SIZE],
> + memcpy(&ctx->security->signed_hashes[ctx->security->signed_hash_count * MAP_DIGEST_SIZE],
> value, vlen);
>
> return 0;
> @@ -188,7 +189,6 @@ static int hornet_bpf_prog_load_integrity(struct bpf_prog *prog, union bpf_attr
> static int hornet_check_prog_maps(struct bpf_prog *prog)
> {
> struct hornet_prog_security_struct *security;
> - unsigned char hash[SHA256_DIGEST_SIZE];
> struct bpf_map *map;
> int i, j;
> bool found;
> @@ -209,12 +209,12 @@ static int hornet_check_prog_maps(struct bpf_prog *prog)
> if (!READ_ONCE(map->frozen) || !map->ops->map_get_hash)
> continue;
>
> - if (map->ops->map_get_hash(map, SHA256_DIGEST_SIZE, hash))
> + if (map->ops->map_get_hash(map))
> continue;
>
> - if (memcmp(hash,
> - &security->signed_hashes[i * SHA256_DIGEST_SIZE],
> - SHA256_DIGEST_SIZE) == 0) {
> + if (memcmp(map->sha,
> + &security->signed_hashes[i * MAP_DIGEST_SIZE],
> + MAP_DIGEST_SIZE) == 0) {
> found = true;
> break;
> }
> --
> 2.54.0
Acked-by: Blaise Boscaccy <bboscaccy@linux.microsoft.com>