| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAADnVQ+i6YaUxy7KcBwKWycQ8dK2Z3vBeFSuJdaa90aphCSkfg@mail.gmail.com>
Date: Tue, 5 Jan 2021 12:16:38 -0800
From: Alexei Starovoitov <alexei.starovoitov@...il.com>
To: Xichen Lin <linxichen.01@...edance.com>
Cc: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
LKML <linux-kernel@...r.kernel.org>,
Linux-Fsdevel <linux-fsdevel@...r.kernel.org>,
bpf <bpf@...r.kernel.org>,
Network Development <netdev@...r.kernel.org>,
Dongdong Wang <wangdongdong.6@...edance.com>,
Cong Wang <cong.wang@...edance.com>
Subject: Re: [PATCH] bpf: Add signature checking for BPF programs
On Tue, Jan 5, 2021 at 12:00 AM Xichen Lin <linxichen.01@...edance.com> wrote:
>
> From: Xichen Lin <linxichen.01@...edance.com>
>
> Check the signature of a BPF program against the same set of keys for
> module signature checking.
>
> Currently the format of a signed BPF program is similar to that of
> a signed kernel module, composed of BPF bytecode, signature,
> module_signature structure and a magic string, in order, aligned to
> struct sock_filter.
Commit log talks about 'what' and gives no insight into 'why' the
patch was sent.
Please take time to clearly explain the motivation for the changes.
Also please see earlier discussions on the subject and Arnaldo's preso
from plumbers.
Powered by blists - more mailing lists