Message-ID: <20170601120038.680c8169@cakuba.lan>
Date: Thu, 1 Jun 2017 12:00:38 -0700
From: Jakub Kicinski <kubakici@...pl>
To: David Ahern <dsahern@...il.com>
Cc: Alexei Starovoitov <ast@...com>, Martin KaFai Lau <kafai@...com>,
Hannes Frederic Sowa <hannes@...essinduktion.org>,
netdev@...r.kernel.org, Daniel Borkmann <daniel@...earbox.net>,
kernel-team@...com
Subject: Re: [PATCH v2 net-next 0/8] Introduce bpf ID
On Thu, 1 Jun 2017 12:52:28 -0600, David Ahern wrote:
> On 6/1/17 12:27 PM, Alexei Starovoitov wrote:
> > 'I want to retrieve original instructions' is not a problem. It's a
> > push for 'solution'. Explaining 'why' you want to see original
> > instructions would describe the actual problem.
>
> I have explained this.
>
> You are creating this hyper-complex almost completely invisible
> infrastructure. You are enabling binary blobs that can bypass the
> network stack and modify packets with almost no introspection on what is
> happening. BPF code can come from a variety of sources -- OS vendors,
> upstream repos, 3rd party vendors (e.g., H/W vendors), and "in-house"
> development. Each will swear to the end that any observed problem is not
> with their code. In my experience, it falls on to the OS and kernel
> experts to figure out why Linux is breaking something. To do that we
> need tools to look at what code is running where and something that can
> be used in production environments not requiring a disruption to the
> service that the box is providing.
Forgive my ignorance, but is it possible to dump code of a loaded
module out of the kernel?