lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Apr 2020 14:05:31 +0100 From: Quentin Monnet <quentin@...valent.com> To: Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net> Cc: bpf@...r.kernel.org, netdev@...r.kernel.org, Quentin Monnet <quentin@...valent.com>, Richard Palethorpe <rpalethorpe@...e.com>, Michael Kerrisk <mtk.manpages@...il.com> Subject: [PATCH bpf-next v2 0/3] tools: bpftool: probe features for unprivileged users This set allows unprivileged users to probe available features with bpftool. On Daniel's suggestion, the "unprivileged" keyword must be passed on the command line to avoid accidentally dumping a subset of the features supported by the system. When used by root, this keyword makes bpftool drop the CAP_SYS_ADMIN capability and print the features available to unprivileged users only. The first patch makes a variable global in feature.c to avoid piping too many booleans through the different functions. The second patch introduces the unprivileged probing, adding a dependency to libcap. Then the third patch makes this dependency optional, by restoring the initial behaviour (root only can probe features) if the library is not available. Cc: Richard Palethorpe <rpalethorpe@...e.com> Cc: Michael Kerrisk <mtk.manpages@...il.com> Quentin Monnet (3): tools: bpftool: for "feature probe" define "full_mode" bool as global tools: bpftool: allow unprivileged users to probe features tools: bpftool: make libcap dependency optional .../bpftool/Documentation/bpftool-feature.rst | 12 +- tools/bpf/bpftool/Makefile | 13 +- tools/bpf/bpftool/bash-completion/bpftool | 2 +- tools/bpf/bpftool/feature.c | 141 +++++++++++++++--- 4 files changed, 142 insertions(+), 26 deletions(-) -- 2.20.1
Powered by blists - more mailing lists