From: Ilya Leoshkevich <iii@linux.ibm.com>
To: Daniel Borkmann <daniel@iogearbox.net>,
Alexei Starovoitov <ast@kernel.org>
Cc: bpf@vger.kernel.org, Heiko Carstens <heiko.carstens@de.ibm.com>,
Vasily Gorbik <gor@linux.ibm.com>,
Ilya Leoshkevich <iii@linux.ibm.com>
Subject: [RFC PATCH bpf-next] bpf: allow JIT debugging if CONFIG_BPF_JIT_ALWAYS_ON is set
Date: Wed, 6 Nov 2019 17:12:04 +0100 [thread overview]
Message-ID: <20191106161204.87261-1-iii@linux.ibm.com> (raw)
Currently it's not possible to set bpf_jit_enable = 2 when
CONFIG_BPF_JIT_ALWAYS_ON is set, which makes debugging certain problems
harder.
It looks as if it's safe to allow this, because setting this knob
requires root anyway, but I'm not sure about all the security
implications, so sending this as an RFC.
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
---
net/core/sysctl_net_core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index eb29e5adc84d..09f1218b5656 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -389,7 +389,7 @@ static struct ctl_table net_core_table[] = {
.proc_handler = proc_dointvec_minmax_bpf_enable,
# ifdef CONFIG_BPF_JIT_ALWAYS_ON
.extra1 = SYSCTL_ONE,
- .extra2 = SYSCTL_ONE,
+ .extra2 = &two,
# else
.extra1 = SYSCTL_ZERO,
.extra2 = &two,
--
2.23.0
next reply other threads:[~2019-11-06 16:12 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-06 16:12 Ilya Leoshkevich [this message]
2019-11-06 16:15 ` [RFC PATCH bpf-next] bpf: allow JIT debugging if CONFIG_BPF_JIT_ALWAYS_ON is set Alexei Starovoitov
2019-11-06 16:28 ` Ilya Leoshkevich
2019-11-06 16:50 ` John Fastabend
2019-11-06 23:07 ` Daniel Borkmann
2019-11-07 15:30 ` Ilya Leoshkevich
2019-11-07 16:19 ` Daniel Borkmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191106161204.87261-1-iii@linux.ibm.com \
--to=iii@linux.ibm.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=gor@linux.ibm.com \
--cc=heiko.carstens@de.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).