In-Reply-To: <56E09031.8050007@mellanox.com>
References: <1456949376-4910-1-git-send-email-cmetcalf@ezchip.com> <1456949376-4910-10-git-send-email-cmetcalf@ezchip.com> <56D895EA.1060301@mellanox.com> <56DDE9C9.5060900@mellanox.com> <56DF38BA.9030007@mellanox.com> <56E09031.8050007@mellanox.com>
From: Andy Lutomirski
Date: Wed, 9 Mar 2016 13:07:55 -0800
Subject: Re: [PATCH v10 09/12] arch/x86: enable task isolation functionality
To: Chris Metcalf
Cc: Kees Cook, Thomas Gleixner, Christoph Lameter, Andrew Morton, Viresh Kumar, Ingo Molnar, Steven Rostedt, Tejun Heo, Gilad Ben Yossef, Will Deacon, Rik van Riel, Frederic Weisbecker, "Paul E. McKenney", "linux-kernel@vger.kernel.org", X86 ML, "H. Peter Anvin", Catalin Marinas, Peter Zijlstra

On Wed, Mar 9, 2016 at 1:05 PM, Chris Metcalf wrote:
> On 3/9/2016 3:58 PM, Andy Lutomirski wrote:
>>>
>>> My preference would be not to have to require all task-isolation users
>>> to also figure out all the complexities of creating BPF programs, so
>>> my intention is to have task isolation automatically generate a BPF
>>> program (just allowing prctl/exit/exit_group and failing everything
>>> else with SIGSYS). To support having it work this way, I open up
>>> the seccomp stuff a little so that kernel clients can effectively
>>> push/pop a BPF program into seccomp:
>>
>> That sounds like a great use case for the new libtaskisolation that
>> someone is surely writing:)
>
>
> Happily, task isolation is so simple an API that all that is needed is a
> prctl().
>
> ... Unless somehow a requirement to inflict a huge blob of eBPF into the
> kernel
> just to use task isolation safely is added, of course :-)
>

BPF, not eBPF. Also, it's a tiny blob.

And this still has nothing to do with using it safely. This has to do
with catching your own bugs.

--Andy

>
> --
> Chris Metcalf, Mellanox Technologies
> http://www.mellanox.com
>

--
Andy Lutomirski
AMA Capital Management, LLC
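
The filter discussed in this thread (allow prctl/exit/exit_group, fail everything else with SIGSYS), written as a classic BPF seccomp program. This is an added example, not code from the patch series or from either poster; it assumes an x86-64 target and SECCOMP_RET_TRAP as the SIGSYS action, and filter_verdict() is a hypothetical userspace evaluator so the verdicts can be checked without installing the filter.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Assumption: x86-64 target; a filter must pin the ABI it was written for. */
#define FILTER_ARCH AUDIT_ARCH_X86_64
#define ALLOW(nr) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1), \
                  BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)

/* Allow prctl/exit/exit_group; anything else gets SIGSYS (SECCOMP_RET_TRAP). */
static const struct sock_filter isolation_filter[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, FILTER_ARCH, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_TRAP),   /* foreign ABI */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    ALLOW(SYS_prctl),
    ALLOW(SYS_exit),
    ALLOW(SYS_exit_group),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_TRAP),   /* default action */
};
#define FILTER_LEN (sizeof(isolation_filter) / sizeof(isolation_filter[0]))

/* Hypothetical helper: evaluates only the three opcodes the filter uses. */
uint32_t filter_verdict(uint32_t arch, int nr)
{
    struct seccomp_data sd = { .nr = nr, .arch = arch };
    uint32_t acc = 0;
    for (size_t pc = 0; pc < FILTER_LEN; pc++) {
        const struct sock_filter *f = &isolation_filter[pc];
        switch (f->code) {
        case BPF_LD | BPF_W | BPF_ABS:   /* load 32-bit field at offset k */
            memcpy(&acc, (const char *)&sd + f->k, sizeof(acc)); break;
        case BPF_JMP | BPF_JEQ | BPF_K:  /* relative jump on acc == k */
            pc += (acc == f->k) ? f->jt : f->jf; break;
        case BPF_RET | BPF_K: return f->k;
        }
    }
    return SECCOMP_RET_KILL;   /* not reached: the filter always returns */
}

int main(void)
{
    printf("%zu insns; read -> %#x\n", (size_t)FILTER_LEN, filter_verdict(FILTER_ARCH, SYS_read));
    return 0;
}
```

To install the array, a process sets PR_SET_NO_NEW_PRIVS and passes it in a struct sock_fprog to prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, ...).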