| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Apr 2018 22:22:38 +0200
From: Jesper Dangaard Brouer <brouer@...hat.com>
To: Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc: Sebastiano Miano <sebastiano.miano@...ito.it>,
netdev@...r.kernel.org, ast@...nel.org, daniel@...earbox.net,
mingo@...hat.com, rostedt@...dmis.org, fulvio.risso@...ito.it,
"David S. Miller" <davem@...emloft.net>, brouer@...hat.com
Subject: Re: [bpf-next PATCH 3/3] bpf: add sample program to trace map
events
On Mon, 23 Apr 2018 14:08:02 -0600
Alexei Starovoitov <alexei.starovoitov@...il.com> wrote:
> On Mon, Apr 23, 2018 at 04:08:36PM +0200, Sebastiano Miano wrote:
> >
> > That's in fact the real use case for the first two patches. Since bpf
> > tracepoints are still a rather common (and easy to use) troubleshooting and
> > monitoring tool why shouldn't we "enhance" their support with the newly
> > added map/prog IDs?
>
> because these tracepoints can be abused in the way that this patch demonstrated.
> Whether to keep this patch in the series or not is irrelevant.
I don't understand your abuse use-case, can you explain what you mean?
You do realize that these tracepoints can _only_ monitor the userspace
map activity (not kernel map changes) ... and we _do_ need a way to
debug this (and without the map_id I can tell which map).
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
Powered by blists - more mailing lists