| Series |
HID: bpf_struct_ops, part 2
|
expand
-
[HID,v2,00/13] HID: bpf_struct_ops, part 2
-
[HID,v2,01/13] HID: bpf: fix dispatch_hid_bpf_device_event uninitialized ret value
-
[HID,v2,02/13] HID: add source argument to HID low level functions
-
[HID,v2,03/13] HID: bpf: protect HID-BPF prog_list access by a SRCU
-
[HID,v2,04/13] HID: bpf: add HID-BPF hooks for hid_hw_raw_requests
-
[HID,v2,05/13] HID: bpf: prevent infinite recursions with hid_hw_raw_requests hooks
-
[HID,v2,06/13] selftests/hid: add tests for hid_hw_raw_request HID-BPF hooks
-
[HID,v2,07/13] HID: bpf: add HID-BPF hooks for hid_hw_output_report
-
[HID,v2,08/13] selftests/hid: add tests for hid_hw_output_report HID-BPF hooks
-
[HID,v2,09/13] HID: bpf: make hid_bpf_input_report() sleep until the device is ready
-
[HID,v2,10/13] selftests/hid: add wq test for hid_bpf_input_report()
-
[HID,v2,11/13] HID: bpf: allow hid_device_event hooks to inject input reports on self
-
[HID,v2,12/13] selftests/hid: add another test for injecting an event from an event hook
-
[HID,v2,13/13] selftests/hid: add an infinite loop test for hid_bpf_try_input_report
|
This series is a followup of the struct_ops conversion. Therefore, it is based on top of the for-6.11/bpf branch of the hid.git tree: https://git.kernel.org/pub/scm/linux/kernel/git/hid/hid.git/log/?h=for-6.11/bpf The first patch should go in ASAP, it's a fix that was detected by Dan and which is actually breaking some use cases. The rest is adding new capabilities to HID-BPF: being able to intercept hid_hw_raw_request() and hid_hw_ouptut_report(). Both operations are write operations to the device. Having those new hooks allows to implement the "firewall" of HID devices: this way a bpf program can selectively authorize an hidraw client to write or not to the device depending on what is requested. This also allows to completely emulate new behavior: we can now create a "fake" feature on a HID device, and when we receive a request on this feature, we can emulate the answer by either statically answering or even by communicating with the device from bpf, as those new hooks are sleepable. Last, there is one change in the kfunc hid_bpf_input_report, in which it actually waits for the device to be ready. This will not break any potential users as the function was already declared as sleepable. Cheers, Benjamin Signed-off-by: Benjamin Tissoires <bentiss@kernel.org> --- Changes in v2: - made use of srcu, for sleepable users - Link to v1: https://lore.kernel.org/r/20240621-hid_hw_req_bpf-v1-0-d7ab8b885a0b@kernel.org --- Benjamin Tissoires (13): HID: bpf: fix dispatch_hid_bpf_device_event uninitialized ret value HID: add source argument to HID low level functions HID: bpf: protect HID-BPF prog_list access by a SRCU HID: bpf: add HID-BPF hooks for hid_hw_raw_requests HID: bpf: prevent infinite recursions with hid_hw_raw_requests hooks selftests/hid: add tests for hid_hw_raw_request HID-BPF hooks HID: bpf: add HID-BPF hooks for hid_hw_output_report selftests/hid: add tests for hid_hw_output_report HID-BPF hooks HID: bpf: make hid_bpf_input_report() sleep until the device is ready selftests/hid: add wq test for hid_bpf_input_report() HID: bpf: allow hid_device_event hooks to inject input reports on self selftests/hid: add another test for injecting an event from an event hook selftests/hid: add an infinite loop test for hid_bpf_try_input_report Documentation/hid/hid-bpf.rst | 2 +- drivers/hid/bpf/hid_bpf_dispatch.c | 165 ++++++++++- drivers/hid/bpf/hid_bpf_dispatch.h | 1 + drivers/hid/bpf/hid_bpf_struct_ops.c | 6 +- drivers/hid/hid-core.c | 118 +++++--- drivers/hid/hidraw.c | 10 +- include/linux/hid.h | 7 + include/linux/hid_bpf.h | 80 ++++- tools/testing/selftests/hid/hid_bpf.c | 326 +++++++++++++++++++++ tools/testing/selftests/hid/progs/hid.c | 292 ++++++++++++++++++ .../testing/selftests/hid/progs/hid_bpf_helpers.h | 13 + 11 files changed, 955 insertions(+), 65 deletions(-) --- base-commit: 33c0fb85b571b0f1bbdbf466e770eebeb29e6f41 change-id: 20240614-hid_hw_req_bpf-df0b95aeb425 Best regards,