Re: [PATCH v2 net-next 1/3] bpf: enable non-root eBPF programs

2015-10-09 Thread Alexei Starovoitov
On 10/9/15 10:45 AM, Daniel Borkmann wrote: On 10/09/2015 07:30 PM, Alexei Starovoitov wrote: ... Openstack use case is different. There it will be prog_type_sched_cls that can mangle packets, change skb metadata, etc under TC framework. These are not suitable for all users and this patch

Re: [PATCH v2 net-next 1/3] bpf: enable non-root eBPF programs

2015-10-09 Thread Daniel Borkmann
On 10/09/2015 07:30 PM, Alexei Starovoitov wrote: ... Openstack use case is different. There it will be prog_type_sched_cls that can mangle packets, change skb metadata, etc under TC framework. These are not suitable for all users and this patch leaves them root-only. If you're proposing to add

Re: [PATCH v2 net-next 1/3] bpf: enable non-root eBPF programs

2015-10-09 Thread Alexei Starovoitov
On 10/9/15 4:45 AM, Hannes Frederic Sowa wrote: Afaics this problem hasn't even been solved in perf so far, tracepoints hit independent of the namespace currently. yes and that's exactly what we're trying to solve. The "demux+worker bpf programs" proposal is a work-in-progress solution to get

Re: [PATCH v2 net-next 1/3] bpf: enable non-root eBPF programs

2015-10-09 Thread Hannes Frederic Sowa
Hi, Alexei Starovoitov writes: > On 10/8/15 11:20 AM, Hannes Frederic Sowa wrote: >> Hi Alexei, >> >> On Thu, Oct 8, 2015, at 07:23, Alexei Starovoitov wrote: >>> The feature is controlled by sysctl kernel.unprivileged_bpf_disabled. >>> This toggle defaults to off (0), but can be set true (1).

Re: [PATCH v2 net-next 1/3] bpf: enable non-root eBPF programs

2015-10-09 Thread Thomas Graf
On 10/08/15 at 08:20pm, Hannes Frederic Sowa wrote: > Hi Alexei, > > On Thu, Oct 8, 2015, at 07:23, Alexei Starovoitov wrote: > > The feature is controlled by sysctl kernel.unprivileged_bpf_disabled. > > This toggle defaults to off (0), but can be set true (1). Once true, > > bpf programs and

Re: [PATCH v2 net-next 1/3] bpf: enable non-root eBPF programs

2015-10-08 Thread Alexei Starovoitov
On 10/8/15 11:20 AM, Hannes Frederic Sowa wrote: Hi Alexei, On Thu, Oct 8, 2015, at 07:23, Alexei Starovoitov wrote: The feature is controlled by sysctl kernel.unprivileged_bpf_disabled. This toggle defaults to off (0), but can be set true (1). Once true, bpf programs and maps cannot be

Re: [PATCH v2 net-next 1/3] bpf: enable non-root eBPF programs

2015-10-08 Thread Hannes Frederic Sowa
Hi Alexei, On Thu, Oct 8, 2015, at 07:23, Alexei Starovoitov wrote: > The feature is controlled by sysctl kernel.unprivileged_bpf_disabled. > This toggle defaults to off (0), but can be set true (1). Once true, > bpf programs and maps cannot be accessed from unprivileged process, > and the

Re: [PATCH v2 net-next 1/3] bpf: enable non-root eBPF programs

2015-10-08 Thread Kees Cook
On Wed, Oct 7, 2015 at 10:23 PM, Alexei Starovoitov wrote: > In order to let unprivileged users load and execute eBPF programs > teach verifier to prevent pointer leaks. > Verifier will prevent > - any arithmetic on pointers > (except R10+Imm which is used to compute stack addresses) > -

[PATCH v2 net-next 1/3] bpf: enable non-root eBPF programs

2015-10-07 Thread Alexei Starovoitov
In order to let unprivileged users load and execute eBPF programs teach verifier to prevent pointer leaks. Verifier will prevent - any arithmetic on pointers (except R10+Imm which is used to compute stack addresses) - comparison of pointers (except if (map_value_ptr == 0) ... ) - passing
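The pointer-leak rules the patch description lists (arithmetic on a pointer only as R10+imm, no comparison of pointers) are the kind of check a verifier enforces by tracking a type per register across the program. The block below is an added example written for this page, not the kernel's verifier and not code from the thread: a straight-line model of that register-type tracking over a few eBPF instructions. The opcode values follow the uapi encoding; the register types, the sample programs and the function names (check_unpriv, verify_sample, sample_count) are this example's own. It also rejects a pointer left in R0 at exit, which goes beyond the list visible in the truncated snippet above, and because map-value pointers, helper calls, memory access and branch targets are not modelled, it rejects every pointer comparison rather than allowing the map_value_ptr == 0 case.

```c
#include <stdint.h>
#include <stdio.h>

/* Instruction encoding constants; values as in include/uapi/linux/bpf.h. */
#define BPF_ALU64 0x07
#define BPF_JMP   0x05
#define BPF_X     0x08
#define BPF_K     0x00
#define BPF_ADD   0x00
#define BPF_MOV   0xb0
#define BPF_JEQ   0x10
#define BPF_EXIT  0x90

struct bpf_insn {
	uint8_t code;
	uint8_t dst_reg:4;
	uint8_t src_reg:4;
	int16_t off;
	int32_t imm;
};

/* Brace-initializer macros, usable inside array initializers (example's own). */
#define ALU64_REG(OP, DST, SRC) { .code = BPF_ALU64 | (OP) | BPF_X, .dst_reg = (DST), .src_reg = (SRC) }
#define ALU64_IMM(OP, DST, IMM) { .code = BPF_ALU64 | (OP) | BPF_K, .dst_reg = (DST), .imm = (IMM) }
#define MOV64_REG(DST, SRC)     ALU64_REG(BPF_MOV, DST, SRC)
#define MOV64_IMM(DST, IMM)     ALU64_IMM(BPF_MOV, DST, IMM)
#define JMP_REG(OP, DST, SRC, OFF) { .code = BPF_JMP | (OP) | BPF_X, .dst_reg = (DST), .src_reg = (SRC), .off = (OFF) }
#define EXIT_INSN()             { .code = BPF_JMP | BPF_EXIT }

/* Register types tracked by this model (a subset of the real verifier's). */
enum reg_type { UNINIT, SCALAR, PTR_TO_CTX, PTR_TO_STACK };
#define IS_PTR(t) ((t) >= PTR_TO_CTX)

/* Walks the program in order; returns 0 to accept, -1 to reject with *why set. */
int check_unpriv(const struct bpf_insn *prog, int len, const char **why)
{
	enum reg_type r[11] = { UNINIT };
	r[1] = PTR_TO_CTX;    /* R1 carries the context pointer on entry */
	r[10] = PTR_TO_STACK; /* R10 is the read-only frame pointer */

	for (int pc = 0; pc < len; pc++) {
		const struct bpf_insn *in = &prog[pc];
		uint8_t cls = in->code & 0x07, op = in->code & 0xf0, src = in->code & 0x08;
		int d = in->dst_reg, s = in->src_reg;

		if (cls == BPF_ALU64) {
			if (op == BPF_MOV) {	/* mov propagates the source's type */
				r[d] = (src == BPF_X) ? r[s] : SCALAR;
				continue;
			}
			int src_ptr = (src == BPF_X) && IS_PTR(r[s]);
			if (!IS_PTR(r[d]) && !src_ptr) { r[d] = SCALAR; continue; }
			/* The one permitted pointer arithmetic: stack pointer + immediate. */
			if (op == BPF_ADD && src == BPF_K && r[d] == PTR_TO_STACK)
				continue;
			*why = "pointer arithmetic prohibited";
			return -1;
		}
		if (cls == BPF_JMP) {
			if (op == BPF_EXIT) {	/* the return value must not be a pointer */
				if (r[0] != SCALAR) { *why = "R0 is not a plain scalar at exit"; return -1; }
				*why = "ok";
				return 0;
			}
			if (IS_PTR(r[d]) || ((src == BPF_X) && IS_PTR(r[s]))) {
				*why = "pointer comparison prohibited";
				return -1;
			}
			continue;	/* branch targets are not followed in this model */
		}
		*why = "instruction class not modelled";
		return -1;
	}
	*why = "program does not end with exit";
	return -1;
}

/* Constructed sample programs: one accepted, three rejected. */
struct sample { const char *name; struct bpf_insn prog[4]; int len; };
static const struct sample samples[] = {
	{ "r6 = r10 - 8 (stack addr)", { MOV64_REG(6, 10), ALU64_IMM(BPF_ADD, 6, -8), MOV64_IMM(0, 0), EXIT_INSN() }, 4 },
	{ "r2 = ctx + r3",             { MOV64_REG(2, 1), MOV64_IMM(3, 8), ALU64_REG(BPF_ADD, 2, 3), EXIT_INSN() }, 4 },
	{ "if r1 == r10",              { MOV64_IMM(0, 0), JMP_REG(BPF_JEQ, 1, 10, 0), EXIT_INSN() }, 3 },
	{ "return r10",                { MOV64_REG(0, 10), EXIT_INSN() }, 2 },
};

int sample_count(void) { return (int)(sizeof(samples) / sizeof(samples[0])); }

int verify_sample(int i, const char **why)
{
	return check_unpriv(samples[i].prog, samples[i].len, why);
}

int main(void)
{
	for (int i = 0; i < sample_count(); i++) {
		const char *why = NULL;
		int rc = verify_sample(i, &why);
		printf("%-28s %s (%s)\n", samples[i].name, rc == 0 ? "ACCEPT" : "REJECT", why);
	}
	return 0;
}
```

The first sample is the pattern the patch's R10+Imm exception exists for: copy the frame pointer and add a constant to get a stack slot. The other three each trip a different rule, and the reason string shows which one; the real verifier does the same per-path with a far richer type lattice, and the sysctl discussed in the thread decides whether an unprivileged loader gets this far at all.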
