Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp3232771pxb; Wed, 13 Oct 2021 01:37:06 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzdZYHMNtNl0Zcp+ASbL2GX6jC0v9h4+0meob52RUk5LJJktIHSce64xEUwtaw2zM8989jP X-Received: by 2002:a17:90b:3b44:: with SMTP id ot4mr11958540pjb.145.1634114226317; Wed, 13 Oct 2021 01:37:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1634114226; cv=none; d=google.com; s=arc-20160816; b=0EHdFpGRoSdbtctImvXh1h+7BZkq1Pqx5EOd0+91xm2QjT36+3s2MFUty4jWY865Gz vDyY9sOUWtmbnxzks8foLBPBVecvFfqsJ6E7jvMeF0+fKaUqvzDKagA7icz3st1R06PF tEDRsWHQSs+Gzqy2sSzBZah2dU0++NwCZI1fX7qSkSj9rF7AC1f32Nq+2qr3B7e9uVP4 H8GBIxk2MjS9tC/6K6LiUnY/R+RlP1xBVOY2y3m/AdKkHVmjmQWcQOgerouKGU+GCj1N surw8LSbsPy+oA4WBr+W8O68S/QAuf7Ka8BEs7XhCmURRqmvjav3VNSL6nwXkbQOfk3s bB1Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=SefPEr/moa6wKQbCWN6jZ4XKEiadGETzM9Rm53D/EzU=; b=KY1bqmNdwpcUmg9PCvSJPN+torO6Z+c4DNZ3oYuHzdVKVeYTe8Ds14Rpe+gpQP734r BQNrY8FM5JVo99KkSHldGduNlkiGdArpQcl5BxOBsG/Roe4irN9P4tm4baFJGHnY667T abC4Q5Wmg+misWblkNwE5wfhm/POswUAK1S+SVMwhm0w5mEr9L6URychw/3zCszahmg3 2r2MIA6TmRvuJyTMRRX7i2DOaOKz/mNlzvK5V4eWN4T28AHdGfP+n8evbdsCp86LiQId lo5igRKN7UbbO00rnDWBJxq/8yUNgdewXckP9OTDq7XDDkTM9P2apRfrLu/M4SM2kxz7 y4tA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@cloudflare.com header.s=google header.b=vknABL3G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=cloudflare.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id nt13si6594933pjb.97.2021.10.13.01.36.52; Wed, 13 Oct 2021 01:37:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@cloudflare.com header.s=google header.b=vknABL3G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=cloudflare.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233400AbhJMIhV (ORCPT + 99 others); Wed, 13 Oct 2021 04:37:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52294 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232922AbhJMIhS (ORCPT ); Wed, 13 Oct 2021 04:37:18 -0400 Received: from mail-lf1-x131.google.com (mail-lf1-x131.google.com [IPv6:2a00:1450:4864:20::131]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C69AEC061746 for ; Wed, 13 Oct 2021 01:35:15 -0700 (PDT) Received: by mail-lf1-x131.google.com with SMTP id x27so8446843lfu.5 for ; Wed, 13 Oct 2021 01:35:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=SefPEr/moa6wKQbCWN6jZ4XKEiadGETzM9Rm53D/EzU=; b=vknABL3GD8R2SCx+yRHuxuXifwOW2ayrE5DQjDemq83z5+4G7v2Rwp4QdzWEmDtUl6 RhQj49RaP8tSRCqWRlUiUayLRCxAGMR9IxJmXLlKsScV9r0+QXFUUfgAgD84t9oekgpc ztBwHaKrhwuXXOarPxkgoztR0ybOIwhXwX6XM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=SefPEr/moa6wKQbCWN6jZ4XKEiadGETzM9Rm53D/EzU=; b=03bFnvSNxT7fXje4CGfa76atZ4khqmj4Hef/xCeag8dOwutXPvtHKj2M5y3xg0NcOq ZGV+q+BP9DEsZp2NGp3fwmUwQ2D/XCVfJ3tM+t1AhKbEDUJV+mTGMZV3M3w9zYJcGPvo DFUoXhl3ERcheqjpqkNIrxbLqyjnc4zsVtu5pKlCI4nmrV5jbCA12JkZSoyvIMVEWz4I PWB0i+JU0P0Upr1n/zGaxsx7bhJijaVhWHh6+GY9eTLv6rCniGqrxnGapHtSct7GWBI9 ODbnk4DBNxRdNBy+Vkc5jXnF+MtOLXEpnsAzhH8+XwzmzSJU4Ykv1JS/NZRGqofuiRsA W5lg== X-Gm-Message-State: AOAM531MWHDL5cge9sipKK30Ye7mURyZEbqymg06h2xrhcfi96OxrEIK 0CFA2d6ZoI/SCyvOk0vwlHnKzMrxftgpZqLEeoDskg== X-Received: by 2002:a05:6512:314b:: with SMTP id s11mr13005772lfi.206.1634114114183; Wed, 13 Oct 2021 01:35:14 -0700 (PDT) MIME-Version: 1.0 References: <20211012135935.37054-1-lmb@cloudflare.com> <20211012135935.37054-5-lmb@cloudflare.com> <836d9371-7d51-b01f-eefd-cc3bf6f5f68e@6wind.com> In-Reply-To: <836d9371-7d51-b01f-eefd-cc3bf6f5f68e@6wind.com> From: Lorenz Bauer Date: Wed, 13 Oct 2021 09:35:03 +0100 Message-ID: Subject: Re: [PATCH v2 4/4] bpf: export bpf_jit_current To: nicolas.dichtel@6wind.com Cc: Luke Nelson , Jonathan Corbet , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , "David S. Miller" , Jakub Kicinski , kernel-team , linux-doc@vger.kernel.org, LKML , Networking , bpf Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 12 Oct 2021 at 17:29, Nicolas Dichtel w= rote: > > Le 12/10/2021 =C3=A0 15:59, Lorenz Bauer a =C3=A9crit : > > Expose bpf_jit_current as a read only value via sysctl. > > > > Signed-off-by: Lorenz Bauer > > --- > > [snip] > > > + { > > + .procname =3D "bpf_jit_current", > > + .data =3D &bpf_jit_current, > > + .maxlen =3D sizeof(long), > > + .mode =3D 0400, > Why not 0444 ? This mirrors what the other BPF related sysctls do, which only allow access from root with CAP_SYS_ADMIN. I'd prefer 0444 as well, but Daniel explicitly locked down these sysctls in 2e4a30983b0f9b19b59e38bbf7427d7fdd480d98. Lorenz -- Lorenz Bauer | Systems Engineer 6th Floor, County Hall/The Riverside Building, SE1 7PB, UK www.cloudflare.com