Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-09 Thread Tycho Andersen
On Wed, Sep 09, 2015 at 10:27:08AM -0700, Kees Cook wrote: > On Wed, Sep 9, 2015 at 9:52 AM, Alexei Starovoitov > wrote: > > On Wed, Sep 09, 2015 at 09:37:51AM -0700, Kees Cook wrote: > >> On Wed, Sep 9, 2015 at 9:09 AM, Daniel Borkmann > >> wrote: > >> > On 09/09/2015 06:07 PM, Alexei

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-09 Thread Kees Cook
On Wed, Sep 9, 2015 at 9:52 AM, Alexei Starovoitov wrote: > On Wed, Sep 09, 2015 at 09:37:51AM -0700, Kees Cook wrote: >> On Wed, Sep 9, 2015 at 9:09 AM, Daniel Borkmann wrote: >> > On 09/09/2015 06:07 PM, Alexei Starovoitov wrote: >> >> >> >> On Wed, Sep 09, 2015 at 09:50:35AM -0600, Tycho

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-09 Thread Alexei Starovoitov
On Wed, Sep 09, 2015 at 09:37:51AM -0700, Kees Cook wrote: > On Wed, Sep 9, 2015 at 9:09 AM, Daniel Borkmann wrote: > > On 09/09/2015 06:07 PM, Alexei Starovoitov wrote: > >> > >> On Wed, Sep 09, 2015 at 09:50:35AM -0600, Tycho Andersen wrote: > > > > [...] > >>> > >>> Thoughts? > >> > >> > >>

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-09 Thread Kees Cook
On Wed, Sep 9, 2015 at 9:09 AM, Daniel Borkmann wrote: > On 09/09/2015 06:07 PM, Alexei Starovoitov wrote: >> >> On Wed, Sep 09, 2015 at 09:50:35AM -0600, Tycho Andersen wrote: > > [...] >>> >>> Thoughts? >> >> >> Please do not add any per-instruction hacks. None of them are >> necessary. Classic

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-09 Thread Daniel Borkmann
On 09/04/2015 11:50 PM, Andy Lutomirski wrote: On Fri, Sep 4, 2015 at 9:04 AM, Tycho Andersen [...] +static const struct bpf_func_proto * +seccomp_func_proto(enum bpf_func_id func_id) +{ + /* Right now seccomp eBPF loading doesn't support maps; seccomp filters +* are considered

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-09 Thread Daniel Borkmann
On 09/09/2015 06:07 PM, Alexei Starovoitov wrote: On Wed, Sep 09, 2015 at 09:50:35AM -0600, Tycho Andersen wrote: [...] Thoughts? Please do not add any per-instruction hacks. None of them are necessary. Classic had to do extra ugly checks in seccomp only because verifier wasn't flexible

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-09 Thread Daniel Borkmann
On 09/09/2015 05:50 PM, Tycho Andersen wrote: On Fri, Sep 04, 2015 at 02:08:37PM -0700, Kees Cook wrote: On Fri, Sep 4, 2015 at 2:06 PM, Tycho Andersen [...] I was expecting to see a validator, similar to the existing BPF validator that is called when creating seccomp filters currently. Can

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-09 Thread Alexei Starovoitov
On Wed, Sep 09, 2015 at 09:50:35AM -0600, Tycho Andersen wrote: > > > > > > That's effectively what this patch does; when the eBPF is loaded via > > > bpf(), you tell bpf() you want a BPF_PROG_TYPE_SECCOMP, and it invokes > > > this validation/translation code, i.e. it uses > > >

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-09 Thread Tycho Andersen
On Fri, Sep 04, 2015 at 02:08:37PM -0700, Kees Cook wrote: > On Fri, Sep 4, 2015 at 2:06 PM, Tycho Andersen > wrote: > > On Fri, Sep 04, 2015 at 01:34:12PM -0700, Kees Cook wrote: > >> On Fri, Sep 4, 2015 at 9:04 AM, Tycho Andersen > >> wrote: > >> > +static const struct bpf_func_proto * > >> >

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-04 Thread Andy Lutomirski
On Fri, Sep 4, 2015 at 9:04 AM, Tycho Andersen wrote: > seccomp uses eBPF as its underlying storage and execution format, and eBPF > has features that seccomp would like to make use of in the future. This > patch adds a formal seccomp type to the eBPF verifier. > > The current implementation of

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-04 Thread Tycho Andersen
On Fri, Sep 04, 2015 at 01:17:47PM -0700, Alexei Starovoitov wrote: > On Fri, Sep 04, 2015 at 10:04:19AM -0600, Tycho Andersen wrote: > > seccomp uses eBPF as its underlying storage and execution format, and eBPF > > has features that seccomp would like to make use of in the future. This > > patch

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-04 Thread Kees Cook
On Fri, Sep 4, 2015 at 2:06 PM, Tycho Andersen wrote: > On Fri, Sep 04, 2015 at 01:34:12PM -0700, Kees Cook wrote: >> On Fri, Sep 4, 2015 at 9:04 AM, Tycho Andersen >> wrote: >> > +static const struct bpf_func_proto * >> > +seccomp_func_proto(enum bpf_func_id func_id) >> > +{ >> > + /*

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-04 Thread Tycho Andersen
On Fri, Sep 04, 2015 at 01:34:12PM -0700, Kees Cook wrote: > On Fri, Sep 4, 2015 at 9:04 AM, Tycho Andersen > wrote: > > +static const struct bpf_func_proto * > > +seccomp_func_proto(enum bpf_func_id func_id) > > +{ > > + /* Right now seccomp eBPF loading doesn't support maps; seccomp > >

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-04 Thread Kees Cook
On Fri, Sep 4, 2015 at 9:04 AM, Tycho Andersen wrote: > seccomp uses eBPF as its underlying storage and execution format, and eBPF > has features that seccomp would like to make use of in the future. This > patch adds a formal seccomp type to the eBPF verifier. > > The current implementation of

Re: [PATCH 1/6] ebpf: add a seccomp program type

2015-09-04 Thread Alexei Starovoitov
On Fri, Sep 04, 2015 at 10:04:19AM -0600, Tycho Andersen wrote: > seccomp uses eBPF as its underlying storage and execution format, and eBPF > has features that seccomp would like to make use of in the future. This > patch adds a formal seccomp type to the eBPF verifier. > > The current

[PATCH 1/6] ebpf: add a seccomp program type

2015-09-04 Thread Tycho Andersen
seccomp uses eBPF as its underlying storage and execution format, and eBPF has features that seccomp would like to make use of in the future. This patch adds a formal seccomp type to the eBPF verifier. The current implementation of the seccomp eBPF type is very limited, and doesn't support some
