en Copyright 2015 Java http://kernelsources.org:8080/source/history/linux/tools/testing/selftests/bpf/prog_tests/signed_loader.c#8ddce416797b7454ba1df855821b02c6e43b5a0e selftests/bpf: Inspect the signature verdict exposed to BPF LSMAdd a minimal BPF LSM program on lsm/bpf_prog_load that, for loads onthe monitored thread, reads back prog->aux->sig.{verdict,keyring_type,keyring_serial}, and a signed_loader subtest that drives the samegen_loader loader through the hook twice: i) /unsigned/ where the LSMmust observe UNSIGNED, no keyring and serial 0; ii) /signed/ where thevery same insns signed against the session keyring must be observed asVERIFIED with a user keyring, and the recorded keyring_serial must beequal to the resolved session keyring serial. Loading (not running) theloader is sufficient since the verdict is attached at load time. # LDLIBS=-static PKG_CONFIG='pkg-config --static' ./vmtest.sh -- ./test_progs -t signed_loader [ 1.970530] clocksource: Switched to clocksource tsc #405/1 signed_loader/metadata_check_shape:OK #405/2 signed_loader/metadata_match:OK #405/3 signed_loader/metadata_sha_mismatch:OK #405/4 signed_loader/metadata_not_exclusive:OK #405/5 signed_loader/metadata_hash_not_computed:OK #405/6 signed_loader/signature_enforced:OK #405/7 signed_loader/signature_too_large:OK #405/8 signed_loader/signature_bad_keyring:OK #405/9 signed_loader/metadata_ctx_max_entries_ignored:OK #405/10 signed_loader/metadata_ctx_initial_value_ignored:OK #405/11 signed_loader/signature_authenticates_insns:OK #405/12 signed_loader/hash_requires_frozen:OK #405/13 signed_loader/no_update_after_freeze:OK #405/14 signed_loader/freeze_writable_mmap:OK #405/15 signed_loader/no_writable_mmap_frozen:OK #405/16 signed_loader/map_hash_matches_libbpf:OK #405/17 signed_loader/map_hash_multi_element:OK #405/18 signed_loader/map_hash_bad_size:OK #405/19 signed_loader/map_hash_unsupported_type:OK #405/20 signed_loader/lsm_signature_verdict:OK #405 signed_loader:OK Summary: 1/20 PASSED, 0 SKIPPED, 0 FAILEDSigned-off-by: Daniel Borkmann <daniel@iogearbox.net>Link: https://lore.kernel.org/r/20260605213518.544262-2-daniel@iogearbox.netSigned-off-by: Alexei Starovoitov <ast@kernel.org> List of files: /linux/tools/testing/selftests/bpf/prog_tests/signed_loader.c Fri, 05 Jun 2026 23:35:18 +0200 Daniel Borkmann <daniel@iogearbox.net> http://kernelsources.org:8080/source/history/linux/tools/testing/selftests/bpf/prog_tests/signed_loader.c#5b88319e4775ee1924d5b709084b25f72e6fe78d selftests/bpf: Test signed loader error pathsThe positive path for signed BPF loaders is covered today by thesigned lskels (fentry_test, fexit_test, atomics).But the runtime metadata check the generated loader performs (libbpfgen_loader's emit_signature_match), the map content hash it relieson, the load-time signature, and the immutability invariants of itsmetadata map are not yet covered.Thus, add a new, extensive test suite which drives libbpf's gen_loader(bpf_object__gen_loader, gen_hash=true), the same machinery whichbpftool uses for signed light skeletons, and exercise corner casesso that we can assert this in BPF CI: # LDLIBS=-static PKG_CONFIG='pkg-config --static' ./vmtest.sh -- ./test_progs -t signed_loader [...] [ 1.840842] clocksource: Switched to clocksource tsc #405/1 signed_loader/metadata_check_shape:OK #405/2 signed_loader/metadata_match:OK #405/3 signed_loader/metadata_sha_mismatch:OK #405/4 signed_loader/metadata_not_exclusive:OK #405/5 signed_loader/metadata_hash_not_computed:OK #405/6 signed_loader/signature_enforced:OK #405/7 signed_loader/signature_too_large:OK #405/8 signed_loader/signature_bad_keyring:OK #405/9 signed_loader/metadata_ctx_max_entries_ignored:OK #405/10 signed_loader/metadata_ctx_initial_value_ignored:OK #405/11 signed_loader/signature_authenticates_insns:OK #405/12 signed_loader/hash_requires_frozen:OK #405/13 signed_loader/no_update_after_freeze:OK #405/14 signed_loader/freeze_writable_mmap:OK #405/15 signed_loader/no_writable_mmap_frozen:OK #405/16 signed_loader/map_hash_matches_libbpf:OK #405/17 signed_loader/map_hash_multi_element:OK #405/18 signed_loader/map_hash_bad_size:OK #405/19 signed_loader/map_hash_unsupported_type:OK #405 signed_loader:OK Summary: 1/19 PASSED, 0 SKIPPED, 0 FAILEDSigned-off-by: Daniel Borkmann <daniel@iogearbox.net>Link: https://lore.kernel.org/r/20260603211658.471212-2-daniel@iogearbox.netSigned-off-by: Alexei Starovoitov <ast@kernel.org> List of files: /linux/tools/testing/selftests/bpf/prog_tests/signed_loader.c Wed, 03 Jun 2026 23:16:58 +0200 Daniel Borkmann <daniel@iogearbox.net>