On Sat, Jan 6, 2018 at 8:58 AM, Walter Dnes wrote:
>
> I'm running openrc. On my 32-bit install, Intel Core2 duo, I get...
>
> zgrep BPF /proc/config.gz
> CONFIG_BPF=y
> # CONFIG_BPF_SYSCALL is not set
> # CONFIG_NETFILTER_XT_MATCH_BPF is not set
> # CONFIG_TEST_BPF is not set
>
> On my 64-bi
On Sat, Jan 06, 2018 at 11:26:43AM +1100, Adam Carter wrote
> >
> > > So, HAVE_EBPF_JIT=y just means that BPF JIT _can_ be done on x86. There
> > > is a separate BPF_JIT setting to actually enable it.
> >
> > Well, that doesn't seem to be present here. Just the HAVE_ symbol.
>
>
> Careful, there
On Fri, Jan 5, 2018 at 7:26 PM, Adam Carter wrote:
>> > So, HAVE_EBPF_JIT=y just means that BPF JIT _can_ be done on x86. There
>> > is a separate BPF_JIT setting to actually enable it.
>>
>> Well, that doesn't seem to be present here. Just the HAVE_ symbol.
>
>
> Careful, there's BPF and EBPF.
>
>
> > So, HAVE_EBPF_JIT=y just means that BPF JIT _can_ be done on x86. There
> > is a separate BPF_JIT setting to actually enable it.
>
> Well, that doesn't seem to be present here. Just the HAVE_ symbol.
Careful, there's BPF and EBPF.
$ zgrep BPF /proc/config.gz
CONFIG_CGROUP_BPF=y
CONFIG_BPF
On Friday, 5 January 2018 18:04:10 GMT Ian Zimmerman wrote:
> On 2018-01-05 11:10, Peter Humphrey wrote:
> > Symbol: HAVE_EBPF_JIT [=y]
> > │
> > │ Type : boolean
> > │ Defined at net/Kconfig:436
> > │ Selected by: X86 [=y] && X86_64 [=y]
> >
> > So it's on, like it or not. This is kernel 4.9
On 2018-01-05 11:10, Peter Humphrey wrote:
> Symbol: HAVE_EBPF_JIT [=y]
>
> │
> │ Type : boolean
> │ Defined at net/Kconfig:436
> │ Selected by: X86 [=y] && X86_64 [=y]
>
On Friday, 5 January 2018 01:18:23 GMT Rich Freeman wrote:
> I believe CONFIG_HAVE_EBPF_JIT isn't actually modifiable via make
> config - it is a dependency and I think it is there to indicate
> whether the feature is supported (maybe it is arch-specific, or there
> is some complex rule for it bei
>
> The settings relevant to Spectre are:
> CONFIG_BPF_JIT - this being set to y is enough to make Intel
> processors vulnerable to variant 1/2. This being set to y is
> necessary, but not sufficient, for making AMD vulnerable to variant 1.
> net.core.bpf_jit_enable - this being set to 1 along wit
On Thu, Jan 4, 2018 at 7:51 PM, Adam Carter wrote:
> On Fri, Jan 5, 2018 at 8:39 AM, Nikos Chantziaras wrote:
>>
>> On 04/01/18 18:18, Rich Freeman wrote:
>>>
>>> For variant 1 the only known vulnerability is BPF which probably
>>> next to nobody uses
>>
>>
>> I had to enable various BPF settings
On Fri, Jan 5, 2018 at 8:39 AM, Nikos Chantziaras wrote:
> On 04/01/18 18:18, Rich Freeman wrote:
>
>> For variant 1 the only known vulnerability is BPF which probably
>> next to nobody uses
>>
>
> I had to enable various BPF settings in the kernel because systemd
> wouldn't shut up about it. It
On 04/01/18 23:39, Nikos Chantziaras wrote:
On 04/01/18 18:18, Rich Freeman wrote:
For variant 1 the only known vulnerability is BPF which probably
next to nobody uses
I had to enable various BPF settings in the kernel because systemd
wouldn't shut up about it. It prints warning messages duri
On 04/01/18 18:18, Rich Freeman wrote:
For variant 1 the only known vulnerability is BPF which probably
next to nobody uses
I had to enable various BPF settings in the kernel because systemd
wouldn't shut up about it. It prints warning messages during boot that
the system doesn't support BPF.
12 matches
Mail list logo