From: "Andy Lutomirski" <luto@kernel.org>
To: "Andrii Nakryiko" <andrii.nakryiko@gmail.com>
Cc: "Andrii Nakryiko" <andrii@kernel.org>,
bpf@vger.kernel.org, linux-security-module@vger.kernel.org,
"Kees Cook" <keescook@chromium.org>,
"Christian Brauner" <brauner@kernel.org>,
lennart@poettering.net, cyphar@cyphar.com, kernel-team@meta.com
Subject: Re: [PATCH v2 bpf-next 00/18] BPF token
Date: Mon, 19 Jun 2023 10:40:19 -0700 [thread overview]
Message-ID: <a73da819-b334-448c-8e5c-50d9f7c28b8f@app.fastmail.com> (raw)
In-Reply-To: <CAEf4BzazbMqAh_Nj_geKNLshxT+4NXOCd-LkZ+sRKsbZAJ1tUw@mail.gmail.com>
On Fri, Jun 9, 2023, at 12:08 PM, Andrii Nakryiko wrote:
> On Fri, Jun 9, 2023 at 11:32 AM Andy Lutomirski <luto@kernel.org> wrote:
>>
>> On Wed, Jun 7, 2023, at 4:53 PM, Andrii Nakryiko wrote:
>> > This patch set introduces new BPF object, BPF token, which allows to delegate
>> > a subset of BPF functionality from privileged system-wide daemon (e.g.,
>> > systemd or any other container manager) to a *trusted* unprivileged
>> > application. Trust is the key here. This functionality is not about allowing
>> > unconditional unprivileged BPF usage. Establishing trust, though, is
>> > completely up to the discretion of respective privileged application that
>> > would create a BPF token.
>> >
>>
>> I skimmed the description and the LSFMM slides.
>>
>> Years ago, I sent out a patch set to start down the path of making the bpf() API make sense when used in less-privileged contexts (regarding access control of BPF objects and such). It went nowhere.
>>
>> Where does BPF token fit in? Does a kernel with these patches applied actually behave sensibly if you pass a BPF token into a container?
>
> Yes?.. In the sense that it is possible to create BPF programs and BPF
> maps from inside the container (with BPF token). Right now under user
> namespace it's impossible no matter what you do.
I have no problem with creating BPF maps inside a container, but I think the maps should *be in the container*.
My series wasn’t about unprivileged BPF per se. It was about updating the existing BPF permission model so that it made sense in a context in which it had multiple users that didn’t trust each other.
>
>> Giving a way to enable BPF in a container is only a small part of the overall task -- making BPF behave sensibly in that container seems like it should also be necessary.
>
> BPF is still a privileged thing. You can't just say that any
> unprivileged application should be able to use BPF. That's why BPF
> token is about trusting unpriv application in a controlled environment
> (production) to not do something crazy. It can be enforced further
> through LSM usage, but in a lot of cases, when dealing with internal
> production applications it's enough to have a proper application
> design and rely on code review process to avoid any negative effects.
We really shouldn’t be creating new kinds of privileged containers that do uncontained things.
If you actually want to go this route, I think you would do much better to introduce a way for a container manager to usefully proxy BPF on behalf of the container.
>
> So privileged daemon (container manager) will be configured with the
> knowledge of which services/containers are allowed to use BPF, and
> will grant BPF token only to those that were explicitly allowlisted.
next prev parent reply other threads:[~2023-06-19 17:40 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-07 23:53 [PATCH v2 bpf-next 00/18] BPF token Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 01/18] bpf: introduce BPF token object Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 02/18] libbpf: add bpf_token_create() API Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 03/18] selftests/bpf: add BPF_TOKEN_CREATE test Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 04/18] bpf: move unprivileged checks into map_create() and bpf_prog_load() Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 05/18] bpf: inline map creation logic in map_create() function Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 06/18] bpf: centralize permissions checks for all BPF map types Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 07/18] bpf: add BPF token support to BPF_MAP_CREATE command Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 08/18] libbpf: add BPF token support to bpf_map_create() API Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 09/18] selftests/bpf: add BPF token-enabled test for BPF_MAP_CREATE command Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 10/18] bpf: add BPF token support to BPF_BTF_LOAD command Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 11/18] libbpf: add BPF token support to bpf_btf_load() API Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 12/18] selftests/bpf: add BPF token-enabled BPF_BTF_LOAD selftest Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 13/18] bpf: keep BPF_PROG_LOAD permission checks clear of validations Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 14/18] bpf: add BPF token support to BPF_PROG_LOAD command Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 15/18] bpf: take into account BPF token when fetching helper protos Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 16/18] bpf: consistenly use BPF token throughout BPF verifier logic Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 17/18] libbpf: add BPF token support to bpf_prog_load() API Andrii Nakryiko
2023-06-07 23:53 ` [PATCH v2 bpf-next 18/18] selftests/bpf: add BPF token-enabled BPF_PROG_LOAD tests Andrii Nakryiko
2023-06-08 18:49 ` [PATCH v2 bpf-next 00/18] BPF token Stanislav Fomichev
2023-06-08 22:17 ` Andrii Nakryiko
2023-06-09 11:17 ` Toke Høiland-Jørgensen
2023-06-09 18:21 ` Andrii Nakryiko
2023-06-09 21:21 ` Toke Høiland-Jørgensen
2023-06-09 22:03 ` Andrii Nakryiko
2023-06-12 10:49 ` Toke Høiland-Jørgensen
2023-06-12 22:08 ` Andrii Nakryiko
2023-06-13 21:48 ` Hao Luo
2023-06-14 12:06 ` Toke Høiland-Jørgensen
2023-06-15 22:55 ` Andrii Nakryiko
2023-06-09 18:32 ` Andy Lutomirski
2023-06-09 19:08 ` Andrii Nakryiko
2023-06-19 17:40 ` Andy Lutomirski [this message]
2023-06-21 23:48 ` Andrii Nakryiko
2023-06-22 8:22 ` Maryam Tahhan
2023-06-22 16:49 ` Andy Lutomirski
[not found] ` <5a75d1f0-4ed9-399c-4851-2df0755de9b5@redhat.com>
2023-06-22 18:40 ` Andrii Nakryiko
2023-06-22 21:04 ` Maryam Tahhan
2023-06-22 23:35 ` Andrii Nakryiko
2023-06-23 1:02 ` Andy Lutomirski
2023-06-23 15:10 ` Andy Lutomirski
2023-06-23 23:23 ` Daniel Borkmann
2023-06-24 13:59 ` Andy Lutomirski
2023-06-24 15:28 ` Andy Lutomirski
2023-06-26 15:23 ` Daniel Borkmann
2023-07-04 20:48 ` Andy Lutomirski
2023-07-04 21:06 ` Andy Lutomirski
2023-06-27 10:22 ` Djalal Harouni
2023-06-26 22:31 ` Andrii Nakryiko
2023-06-26 22:08 ` Andrii Nakryiko
2023-06-22 19:05 ` Andrii Nakryiko
2023-06-23 3:28 ` Andy Lutomirski
2023-06-23 16:13 ` Casey Schaufler
2023-06-26 22:08 ` Andrii Nakryiko
2023-06-22 18:20 ` Andrii Nakryiko
2023-06-23 23:07 ` Toke Høiland-Jørgensen
2023-06-26 22:08 ` Andrii Nakryiko
2023-07-04 21:05 ` Andy Lutomirski
2023-06-09 22:29 ` Djalal Harouni
2023-06-09 22:57 ` Andrii Nakryiko
2023-06-12 12:02 ` Djalal Harouni
2023-06-12 14:31 ` Djalal Harouni
2023-06-12 22:27 ` Andrii Nakryiko
2023-06-14 0:23 ` Djalal Harouni
2023-06-14 9:39 ` Christian Brauner
2023-06-15 22:48 ` Andrii Nakryiko
2023-06-23 22:18 ` Daniel Borkmann
2023-06-26 22:08 ` Andrii Nakryiko
2023-06-15 22:47 ` Andrii Nakryiko
2023-06-12 12:44 ` Dave Tucker
2023-06-12 15:52 ` Djalal Harouni
2023-06-12 23:04 ` Andrii Nakryiko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a73da819-b334-448c-8e5c-50d9f7c28b8f@app.fastmail.com \
--to=luto@kernel.org \
--cc=andrii.nakryiko@gmail.com \
--cc=andrii@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=brauner@kernel.org \
--cc=cyphar@cyphar.com \
--cc=keescook@chromium.org \
--cc=kernel-team@meta.com \
--cc=lennart@poettering.net \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).