From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9C570C433EF for ; Fri, 22 Jul 2022 04:19:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233613AbiGVETH (ORCPT ); Fri, 22 Jul 2022 00:19:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50256 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233902AbiGVETC (ORCPT ); Fri, 22 Jul 2022 00:19:02 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 3E5CD97A3C for ; Thu, 21 Jul 2022 21:18:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1658463537; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=wK85Xq29MVxgOXn1JQxYSaRa292CjnMXvVLzF3E2ehs=; b=VjUAGSeTXJVnF0V+z+3NWEYZ5J7tQ8sO61/fgB9XbUFvfd2FI30Uc8bc2bWOJ4Pva+8OKr IMnhwI6BDF/J093Tw51cRLgDtd7MPWZha9VmYsaymA5GW0P6dWLb2/sE3ykUS+2tGyl69u 7iIbQPoz23hLfoWOcMk4i4o5sK7GiWs= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-595-uUaWnyf5OmCIHZbOcQbvPw-1; Fri, 22 Jul 2022 00:18:51 -0400 X-MC-Unique: uUaWnyf5OmCIHZbOcQbvPw-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A7548811E7A; Fri, 22 Jul 2022 04:18:50 +0000 (UTC) Received: from sparkplug.usersys.redhat.com (unknown [10.40.192.7]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 41D48404754B; Fri, 22 Jul 2022 04:18:48 +0000 (UTC) Date: Fri, 22 Jul 2022 06:18:45 +0200 From: Artem Savkov To: Alexei Starovoitov Cc: Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , bpf , Network Development , LKML , Andrea Arcangeli , Daniel Vacek , Jiri Olsa , Song Liu Subject: Re: [PATCH bpf-next 1/4] bpf: add BPF_F_DESTRUCTIVE flag for BPF_PROG_LOAD Message-ID: References: <20220720114652.3020467-1-asavkov@redhat.com> <20220720114652.3020467-2-asavkov@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Scanned-By: MIMEDefang 2.84 on 10.11.54.1 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org On Thu, Jul 21, 2022 at 07:02:07AM -0700, Alexei Starovoitov wrote: > On Wed, Jul 20, 2022 at 4:47 AM Artem Savkov wrote: > > > > +/* If BPF_F_DESTRUCTIVE is used in BPF_PROG_LOAD command, the loaded program > > + * will be able to perform destructive operations such as calling bpf_panic() > > + * helper. > > + */ > > +#define BPF_F_DESTRUCTIVE (1U << 6) > > I don't understand what value this flag provides. > > bpf prog won't be using kexec accidentally. > Requiring user space to also pass this flag seems pointless. bpf program likely won't. But I think it is not uncommon for people to run bpftrace scripts they fetched off the internet to run them without fully reading the code. So the idea was to provide intermediate tools like that with a common way to confirm user's intent without implementing their own guards around dangerous calls. If that is not a good enough of a reason to add the flag I can drop it. -- Artem