| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160824221435.GB13455@htj.duckdns.org>
Date: Wed, 24 Aug 2016 18:14:36 -0400
From: Tejun Heo <htejun@...com>
To: Daniel Mack <daniel@...que.org>
CC: <daniel@...earbox.net>, <ast@...com>, <davem@...emloft.net>,
<kafai@...com>, <fw@...len.de>, <pablo@...filter.org>,
<harald@...hat.com>, <netdev@...r.kernel.org>, <sargun@...gun.me>
Subject: Re: [PATCH v2 3/6] bpf: add BPF_PROG_ATTACH and BPF_PROG_DETACH
commands
Hello,
On Wed, Aug 24, 2016 at 10:24:20PM +0200, Daniel Mack wrote:
> SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, size)
> {
> union bpf_attr attr = {};
> @@ -888,6 +957,16 @@ SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, siz
> case BPF_OBJ_GET:
> err = bpf_obj_get(&attr);
> break;
> +
> +#ifdef CONFIG_CGROUP_BPF
> + case BPF_PROG_ATTACH:
> + err = bpf_prog_attach(&attr);
> + break;
> + case BPF_PROG_DETACH:
> + err = bpf_prog_detach(&attr);
> + break;
> +#endif
So, this is one thing I haven't realized while pushing for "just embed
it in cgroup". Breaking it out to a separate controller allows using
its own locking instead of having to piggyback on cgroup_mutex. That
said, as long as cgroup_mutex is not nested inside some inner mutex,
this shouldn't be a problem. I still think the embedding is fine and
whether we make it an implicit controller or not doesn't affect
userland API at all, so it's an implementation detail that we can
change later if necessary.
Thanks.
--
tejun
Powered by blists - more mailing lists