Re: [PATCH net-next 3/6] samples: bpf: example of stateful socket filtering

From: David Miller
Date: Sat Nov 29 2014 - 23:57:55 EST


From: Alexei Starovoitov <ast@xxxxxxxxxxxx>
Date: Wed, 26 Nov 2014 21:42:28 -0800

> this socket filter example does:
> - creates arraymap in kernel with key 4 bytes and value 8 bytes
>
> - loads eBPF program:
> r0 = skb[14 + 9]; // load one byte of ip->proto
...
> + BPF_LD_ABS(BPF_B, 14 + 9 /* R0 = ip->proto */),

I do not want anything having to do with fixed offsets from
the skb.

Nothing should know where things are in the SKB structure,
especially user facing things.

That's why we have explicit BPF operations for fetching
specific SKB members, so that the layout is completely
transparent to the entity generating BPF programs.

Besides retaining the flexibility of changing the SKB
layout arbitrarily without breaking bpf programs, there
are also security considerations from allowing bpf
programs to load arbitrary offsets.

Sorry, I do not like this patch series at all.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/