lists.openwall.net
Open Source and information security mailing list archives
 
Date:   Thu, 3 Mar 2022 16:23:26 -0800
From:   Luis Chamberlain <mcgrof@...nel.org>
To:     Daniel Borkmann <daniel@...earbox.net>
Cc:     Yan Zhu <zhuyan34@...wei.com>, andrii@...nel.org, ast@...nel.org,
        bpf@...r.kernel.org, john.fastabend@...il.com, kafai@...com,
        keescook@...omium.org, kpsingh@...nel.org,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        liucheng32@...wei.com, netdev@...r.kernel.org,
        nixiaoming@...wei.com, songliubraving@...com,
        xiechengliang1@...wei.com, yhs@...com, yzaikin@...gle.com,
        zengweilin@...wei.com
Subject: Re: [PATCH v3 sysctl-next] bpf: move bpf sysctls from
 kernel/sysctl.c to bpf module

On Fri, Mar 04, 2022 at 12:44:48AM +0100, Daniel Borkmann wrote:
> On 3/2/22 9:39 PM, Luis Chamberlain wrote:
> > On Wed, Mar 02, 2022 at 10:04:12AM +0800, Yan Zhu wrote:
> > > We're moving sysctls out of kernel/sysctl.c as it's a mess. We
> > > already moved all filesystem sysctls out. And with time the goal is
> > > to move all sysctls out to their own subsystem/actual user.
> > > 
> > > kernel/sysctl.c has grown to an insane mess and it's easy to run
> > > into conflicts with it. The effort to move them out is part of this.
> > > 
> > > Signed-off-by: Yan Zhu <zhuyan34@...wei.com>
> > 
> > Daniel, let me know if this makes more sense now, and if so I can
> > offer to take it through sysctl-next to avoid conflicts as more sysctl knobs
> > get moved out from kernel/sysctl.c.
> 
> If this is a whole ongoing effort rather than a drive-by patch,

It is an ongoing effort, but it will take many releases before we tidy
this whole thing up.

> then it's
> fine with me. 

OK great. Thanks for understanding the mess.

> Btw, the patch itself should also drop the linux/bpf.h
> include from kernel/sysctl.c since nothing else is using it after the
> patch.

I'll let Yan deal with that.

> Btw, related to cleanups.. historically, we have a bunch of other knobs
> for BPF under net (in net_core_table), that is:
> 
>   /proc/sys/net/core/bpf_jit_enable
>   /proc/sys/net/core/bpf_jit_harden
>   /proc/sys/net/core/bpf_jit_kallsyms
>   /proc/sys/net/core/bpf_jit_limit
> 
> Would be nice to consolidate all under e.g. /proc/sys/kernel/bpf_* for

Oh the actual "name" / directory location is not changing.
What changes is just where in code you declare them.

> future going forward, and technically, they should be usable also w/o
> net configured into kernel.

That's up to you, and just consider if you have scripts using these
already. You may need backward compatibility. You don't need networking
to create the net directory for sysctls too. The first sysctl to create
the directory creates it, if it's not created, it will be created.

> Is there infra to point the sysctl knobs
> e.g. under net/core/ to kernel/, or best way would be to have single
> struct ctl_table and register for both?

Try proc_symlink().

  Luis
