
how much risk is there in this "BPF"

Posted: 2018-11-08 18:53
by mike acker
Regarding "BPF" (in kernel trace tools) REFERENCE:

excerpt
WHAT ABOUT THE CODE?
But, enough of the personal and social issues of Linux, what about the code?

We spoke about the rise in use of the BPF in Linux. As Jon Corbet, kernel developer and editor of LWN, explained in a keynote at Open Source Europe, BPF is an in-kernel VM. It's different from the others, because it allows user-space processes to load processes into kernel space.

Traditionally, Linux is made of the kernel and user space and never the twain shall meet -- except by well-defined application programming interfaces (APIs).
This is the first time I've read any notes regarding "BPF"; hopefully this is available only in the developer edition for use in the lab.

thoughts/comments?

Re: how much risk is there in this "BPF"

Posted: 2018-11-08 21:37
by Segfault
Read up on Berkeley Packet Filter. It is not what you think it is.

For starters: https://en.wikipedia.org/wiki/Berkeley_Packet_Filter

Re: how much risk is there in this "BPF"

Posted: 2018-11-10 11:31
by mike acker
Segfault wrote: Read up on Berkeley Packet Filter. It is not what you think it is.

For starters: https://en.wikipedia.org/wiki/Berkeley_Packet_Filter
Wikipedia isn't the most reputable source, particularly on this type of topic -- which has serious political implications.

I'll continue to watch for info on this, although one thing is abundantly clear: letting a user process start code in the kernel is a no-no and has been since multi-processing was developed.

Re: how much risk is there in this "BPF"

Posted: 2018-11-10 12:52
by llivv
There are lots of ways user space interacts with kernel space. Just read a few package descriptions and you can see for yourself.
Politics be damned. Obviously not all good for everyone all the time, or even anyone any time. (strike that)
That's not at all saying there are lots of ways for users to interact with the kernel, but there are some.
Simple example: issuing a kernel boot option to the kernel boot command line.

Until we get an idea where you intend this thread to go I'll just stick with wiki for my example as well.
https://en.wikipedia.org/wiki/Sandbox_% ... ecurity%29

And if you're interested in understanding more about this hot? issue, a search for the data you desire is not extremely difficult.