| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 09 Dec 2013 18:51:57 +0900 From: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com> To: Namhyung Kim <namhyung@...nel.org> Cc: Alexei Starovoitov <ast@...mgrid.com>, Steven Rostedt <rostedt@...dmis.org>, Ingo Molnar <mingo@...nel.org>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, "H. Peter Anvin" <hpa@...or.com>, Thomas Gleixner <tglx@...utronix.de>, Tom Zanussi <tom.zanussi@...ux.intel.com>, Jovi Zhangwei <jovi.zhangwei@...il.com>, Eric Dumazet <edumazet@...gle.com>, linux-kernel@...r.kernel.org, Linus Torvalds <torvalds@...ux-foundation.org>, Andrew Morton <akpm@...ux-foundation.org>, Frédéric Weisbecker <fweisbec@...il.com>, Arnaldo Carvalho de Melo <acme@...radead.org>, Tom Zanussi <tzanussi@...il.com>, Pekka Enberg <penberg@....fi>, "David S. Miller" <davem@...emloft.net>, Arjan van de Ven <arjan@...radead.org>, Christoph Hellwig <hch@...radead.org>, Oleg Nesterov <oleg@...hat.com>, "yrl.pp-manager.tt@...achi.com" <yrl.pp-manager.tt@...achi.com> Subject: Re: [RFC PATCH tip 0/5] tracing filters with BPF (2013/12/09 16:29), Namhyung Kim wrote: > Hi Masami, > > On Wed, 04 Dec 2013 10:13:37 +0900, Masami Hiramatsu wrote: >> (2013/12/04 3:26), Alexei Starovoitov wrote: >>> the only inconvenience so far is to know how parameters are getting >>> into registers. >>> on x86-64, arg1 is in rdi, arg2 is in rsi,... I want to improve that >>> after first step is done. >> >> Actually, that part is done by the perf-probe and ftrace dynamic events >> (kernel/trace/trace_probe.c). I think this generic BPF is good for >> re-implementing fetch methods. :) > > For implementing patch method, it seems that it needs to access to user > memory, stack and/or current (task_struct - for utask or vma later) from > the BPF VM as well. Isn't it OK from the security perspective? Would you mean security or safety? :) For safety, I think we can check the BPF binary doesn't break anything. Anyway, for fetch method, I think we have to make a generic syntax tree for the archs which don't support BPF, and BPF bytecode will be generated by the syntax tree. IOW, I'd like to use BPF just for optimizing memory address calculation. For security, it is hard to check what is the sensitive information in the kernel, I think it should be restricted to root user a while. > Anyway, I'll take a look at it later if I have time, but I want to get > the existing/pending implementation merged first. :) Yes, of course ! :) Thank you, -- Masami HIRAMATSU IT Management Research Dept. Linux Technology Center Hitachi, Ltd., Yokohama Research Laboratory E-mail: masami.hiramatsu.pt@...achi.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists