| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Jun 2014 15:09:17 -0700 From: Andy Lutomirski <luto@...capital.net> To: Alexei Starovoitov <ast@...mgrid.com> Cc: "David S. Miller" <davem@...emloft.net>, Ingo Molnar <mingo@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Steven Rostedt <rostedt@...dmis.org>, Daniel Borkmann <dborkman@...hat.com>, Chema Gonzalez <chema@...gle.com>, Eric Dumazet <edumazet@...gle.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Arnaldo Carvalho de Melo <acme@...radead.org>, Jiri Olsa <jolsa@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...or.com>, Andrew Morton <akpm@...ux-foundation.org>, Kees Cook <keescook@...omium.org>, Linux API <linux-api@...r.kernel.org>, Network Development <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH RFC net-next 03/14] bpf: introduce syscall(BPF, ...) and BPF maps On Sat, Jun 28, 2014 at 11:36 PM, Alexei Starovoitov <ast@...mgrid.com> wrote: > On Sat, Jun 28, 2014 at 6:52 PM, Andy Lutomirski <luto@...capital.net> wrote: >> On Sat, Jun 28, 2014 at 1:49 PM, Alexei Starovoitov <ast@...mgrid.com> wrote: >>> >>> Sorry I don't like 'fd' direction at all. >>> 1. it will make the whole thing very socket specific and 'net' dependent. >>> but the goal here is to be able to use eBPF for tracing in embedded >>> setups. So it's gotta be net independent. >>> 2. sockets are already overloaded with all sorts of stuff. Adding more >>> types of sockets will complicate it a lot. >>> 3. and most important. read/write operations on sockets are not >>> done every nanosecond, whereas lookup operations on bpf maps >>> are done every dozen instructions, so we cannot have any overhead >>> when accessing maps. >>> In other words the verifier is done as static analyzer. I moved all >>> the complexity to verify time, so at run-time the programs are as >>> fast as possible. I'm strongly against run-time checks in critical path, >>> since they kill performance and make the whole approach a lot less usable. >> >> I may have described my suggestion poorly. I'm suggesting that all of >> these global ids be replaced *for userspace's benefit* with fds. That >> is, a map would have an associated struct inode, and, when you load an >> eBPF program, you'd pass fds into the kernel instead of global ids. >> The kernel would still compile the eBPF program to use the global ids, >> though. > > Hmm. If I understood you correctly, you're suggesting to do it similar > to ipc/mqueue, shmem, sockets do. By registering and mounting > a file system and providing all superblock and inode hooks… and > probably have its own namespace type… hmm… may be. That's > quite a bit of work to put lightly. As I said in the other email the first > step is root only and all these complexity just not worth doing > at this stage. The downside of not doing it right away is that it's harder to retrofit in without breaking early users. You might be able to get away with using anon_inodes. That will prevent repoening via /proc/self/fd from working (I think), but that's a good thing until someone fixes the /proc reopen hole. Sigh. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists