lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 5 Jul 2014 14:59:07 -0700 From: Alexei Starovoitov <ast@...mgrid.com> To: Andy Lutomirski <luto@...capital.net> Cc: "David S. Miller" <davem@...emloft.net>, Ingo Molnar <mingo@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Steven Rostedt <rostedt@...dmis.org>, Daniel Borkmann <dborkman@...hat.com>, Chema Gonzalez <chema@...gle.com>, Eric Dumazet <edumazet@...gle.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Arnaldo Carvalho de Melo <acme@...radead.org>, Jiri Olsa <jolsa@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...or.com>, Andrew Morton <akpm@...ux-foundation.org>, Kees Cook <keescook@...omium.org>, Linux API <linux-api@...r.kernel.org>, Network Development <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH RFC net-next 03/14] bpf: introduce syscall(BPF, ...) and BPF maps On Fri, Jul 4, 2014 at 8:17 AM, Andy Lutomirski <luto@...capital.net> wrote: > On Wed, Jul 2, 2014 at 7:29 PM, Alexei Starovoitov <ast@...mgrid.com> wrote: >> >> non-root API: >> >> ufd = bpf_create_map(local_map_id,… ) >> bpf_map_update/delete/lookup_elem(ufd,…) >> ufd = bpf_prog_load(insns) >> close(ufd) >> >> root only API: >> >> global_id = bpf_get_id(ufd) // returns either map or prog global id >> bpf_map_delete(global_map_id) >> bpf_prog_unload(global_prog_id) >> >> Details: >> >> ufd = bpf_create_map(local_map_id, ...); >> >> local_map_id - process local map_id >> (this id is used to access maps from eBPF program loaded by this process) >> >> ufd - process local file descriptor >> (used to update/lookup maps from this process) >> >> global_map_id = bpf_get_id(ufd) >> this is root only call to get global_ids and pass them to global events >> like tracing. >> >> global ids will only be seen by root. There is no way for root or non-root >> to influence id ranges. >> >> I think it will be cleaner once I finish fd conversion as a patch. > > OK > > FWIW, per-process local id maps sound almost equivalent to relocations > -- the latter could be as simple as an extra nlattr giving a list of > pairs of (per-eBPF-program id, fd). I thought about array of such pairs as well, but it felt cleaner to remember the (per-eBPF-program id, fd) pair in a kernel, instead of asking user space to keep track of them. Either way I think it's minor. I'll implement both and see which way is cleaner. So far I did 3-way enum split in verifier and addressed Namhyung's and Chema's comments. Updated in the same place: git://git.kernel.org/pub/scm/linux/kernel/git/ast/bpf master I'll be traveling next week. Once I'm done with fd-style interface, I'll post a v2. Thanks -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists