From: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Subject: [Ksummit-discuss] [MAINTAINERS SUMMIT] How far to go with eBPF
Date: Thu, 16 Jun 2022 14:09:20 +0200 [thread overview]
Message-ID: <CAO-hwJJzwbzB4=h4EUN3MaGnu7xRRm-5_yn0Bg5v3zYmz1D0fQ@mail.gmail.com> (raw)
In-Reply-To: <CACRpkdY24aHp+iJschxZzTC4wyX51qH028YY++LZOMu94COeZQ@mail.gmail.com>
On Thu, Jun 16, 2022 at 1:38 PM Linus Walleij <linus.walleij@linaro.org> wrote:
>
> On Thu, Jun 16, 2022 at 10:02 AM Jiri Kosina <jikos@kernel.org> wrote:
> > On Wed, 15 Jun 2022, Benjamin Tissoires wrote:
> >
> > > One point that was also raised in the various HID-BPF patch series is
> > > that for "hardware enablement" like support, the eBPF programs would be
> > > in-tree, and automatically loaded by the kernel itself.
> > >
> > > Alexei has some ideas on how to implement that, I had others, but the
> > > hallway track discussions showed that everybody has a different idea on
> > > the automatic mechanism, but it is a requirement and worth discussing :)
> > >
> > > Which means that in that case, eBPF would be a more convenient way for
> > > users to fix their device, without having to rely on a full or partial
> > > kernel recompilation.
>
> Convenient for some definition of convenient. I might be biased in asking
> how much harder it is to set up a kernel compile, rebuild a module
> and run a few insmod/rmmod to find a quirk compared to setting up
> the eBPF compiler and figure out how to compile and push in such
> programs.
>
> I guess I could be convinced.
The plan is to forward to the end user the sources, of course, but
also the binary blob. The binary can be checked that it is doing the
correct thing because it's not so much of a black box and we can
easily check that it is the one built from the source. For extra check
the maintainer can also sign the binary.
And for the end user, it is thus: 1. trust your kernel maintainer (see
above if you don't), and 2. drop the binary in the file system and
forget. So no compilation involved :)
>
> > That definitely does solve one of the issues. It's basically following the
> > model of perf, where the ABI must not be kept intact, because the user(s)
> > of it are in-tree and released in lockstep with the ABI changes.
>
> I agree, I would actually go so far as to taint the kernel if programs that are
> not in-tree are used. That is fine for the goal here: users can create new
> eBPF snippets and debug them, but they can't ship them because then
> the kernel gets tainted, so they MUST be submitted upstream.
>
> Do you think we could do this? Pushing taint in the face of people who
> don't follow our established contribution process is essentially the big
> hammer we have to stop fragmentation.
I would like to have that too. The in-kernel eBPF binaries are using a
different path to be loaded so I would assume this is OK to
differentiate, but I'll leave it to Alexei to give a more definitive
answer.
Cheers,
Benjamin
next prev parent reply other threads:[~2022-06-16 12:09 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-15 6:55 [Ksummit-discuss] [MAINTAINERS SUMMIT] How far to go with eBPF Jiri Kosina
2022-06-15 8:05 ` Linus Walleij
2022-06-15 8:36 ` Jiri Kosina
2022-06-15 17:04 ` Jan Kara
2022-06-15 17:25 ` Jonathan Corbet
[not found] ` <20220615174601.GX1790663@paulmck-ThinkPad-P17-Gen-1>
2022-06-15 18:25 ` Jiri Kosina
2022-06-16 16:26 ` Steven Rostedt
2022-06-16 16:38 ` James Bottomley
2022-06-16 16:51 ` Steven Rostedt
2022-06-16 18:25 ` James Bottomley
2022-06-16 19:08 ` Steven Rostedt
2022-06-17 7:53 ` Jiri Kosina
2022-06-17 8:24 ` Linus Walleij
2022-06-17 10:30 ` Jan Kara
2022-06-17 11:04 ` Benjamin Tissoires
[not found] ` <dc6ca88d-d1ef-a1ab-dbef-e9338467271d@redhat.com>
2022-06-17 11:25 ` Benjamin Tissoires
2022-06-17 11:32 ` Hans de Goede
2022-06-20 13:13 ` Steven Rostedt
2022-06-21 15:05 ` Steven Rostedt
2022-06-21 16:33 ` Benjamin Tissoires
2022-06-23 20:15 ` Jiri Kosina
2022-06-23 21:23 ` Alexei Starovoitov
2022-06-23 21:36 ` Steven Rostedt
[not found] ` <20220615174358.GA26358@lst.de>
[not found] ` <CAO-hwJKqA07KX+6QtotCS8PtHFtk3DLQPJ3W8puaHOv7tOdi+Q@mail.gmail.com>
[not found] ` <20220616114856.GA11127@lst.de>
2022-06-16 12:14 ` Benjamin Tissoires
[not found] ` <CAO-hwJJmW_STS=nT22n4pcaZf9gz953K4o2vhgmq-ig4OzxOLg@mail.gmail.com>
2022-06-16 8:02 ` Jiri Kosina
2022-06-16 11:37 ` Linus Walleij
2022-06-16 12:09 ` Benjamin Tissoires [this message]
2022-06-15 18:35 ` Luis Chamberlain
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAO-hwJJzwbzB4=h4EUN3MaGnu7xRRm-5_yn0Bg5v3zYmz1D0fQ@mail.gmail.com' \
--to=benjamin.tissoires@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).