From mboxrd@z Thu Jan 1 00:00:00 1970 From: Alexei Starovoitov Subject: Re: [PATCH RFC v2 net-next 13/16] tracing: allow eBPF programs to be attached to events Date: Wed, 23 Jul 2014 17:06:15 -0700 Message-ID: References: <1405657206-12060-1-git-send-email-ast@plumgrid.com> <1405657206-12060-14-git-send-email-ast@plumgrid.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Return-path: In-Reply-To: Sender: linux-api-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org To: Kees Cook Cc: "David S. Miller" , Ingo Molnar , Linus Torvalds , Andy Lutomirski , Steven Rostedt , Daniel Borkmann , Chema Gonzalez , Eric Dumazet , Peter Zijlstra , Arnaldo Carvalho de Melo , Jiri Olsa , Thomas Gleixner , "H. Peter Anvin" , Andrew Morton , Linux API , Network Development , LKML List-Id: linux-api@vger.kernel.org On Wed, Jul 23, 2014 at 4:46 PM, Kees Cook wrote: >> >> eBPF programs can call in-kernel helper functions to: >> - lookup/update/delete elements in maps >> - memcmp >> - trace_printk >> - load_pointer >> - dump_stack > > Ah, this must be the pointer leaking you mentioned. :) > > > Can the existing tracing mechanisms already expose kernel addresses? I > suspect "yes". So I guess existing limitations on tracing exposure > should already cover access control here? (I'm trying to figure out if > a separate CONFIG is needed -- I don't think so: nothing "new" is > exposed via eBPF, is that right?) correct. through debugfs/tracing the whole kernel is already exposed. Idea of eBPF for tracing is to give kernel developers and performance engineers a tool to analyze what kernel is doing by writing programs in C and attaching them to kprobe/tracepoint events, so it's definitely for root only.