From: Lorenz Bauer <lmb@cloudflare.com>
To: Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Albert Ou <aou@eecs.berkeley.edu>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>
Cc: kernel-team@cloudflare.com, Lorenz Bauer <lmb@cloudflare.com>,
linux-riscv@lists.infradead.org, netdev@vger.kernel.org,
bpf@vger.kernel.org
Subject: [PATCH bpf-next 0/4] Fix up bpf_jit_limit some more
Date: Fri, 24 Sep 2021 10:55:38 +0100 [thread overview]
Message-ID: <20210924095542.33697-1-lmb@cloudflare.com> (raw)
Some more cleanups around bpf_jit_limit to make it readable via sysctl.
Things I'm not sure about:
* Is it OK to expose atomic_long_t bpf_jit_limit like this? The sysctl code
isn't atomic, but maybe it's fine because it's read only.
* All of the JIT related sysctls are quite restrictive, you have to have
CAP_SYS_ADMIN / CAP_BPF _and_ be root as well. This makes it problematic
to scrape these to expose them as metrics. Can we relax this somewhat?
Lorenz
Lorenz Bauer (4):
bpf: define bpf_jit_alloc_exec_limit for riscv JIT
bpf: define bpf_jit_alloc_exec_limit for arm64 JIT
bpf: prevent increasing bpf_jit_limit above max
bpf: export bpf_jit_current
arch/arm64/net/bpf_jit_comp.c | 5 +++++
arch/riscv/net/bpf_jit_core.c | 5 +++++
include/linux/filter.h | 2 ++
kernel/bpf/core.c | 7 ++++---
net/core/sysctl_net_core.c | 9 ++++++++-
5 files changed, 24 insertions(+), 4 deletions(-)
--
2.30.2
WARNING: multiple messages have this Message-ID (diff)
From: Lorenz Bauer <lmb@cloudflare.com>
To: Paul Walmsley <paul.walmsley@sifive.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
Albert Ou <aou@eecs.berkeley.edu>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Andrii Nakryiko <andrii@kernel.org>
Cc: kernel-team@cloudflare.com, Lorenz Bauer <lmb@cloudflare.com>,
linux-riscv@lists.infradead.org, netdev@vger.kernel.org,
bpf@vger.kernel.org
Subject: [PATCH bpf-next 0/4] Fix up bpf_jit_limit some more
Date: Fri, 24 Sep 2021 10:55:38 +0100 [thread overview]
Message-ID: <20210924095542.33697-1-lmb@cloudflare.com> (raw)
Some more cleanups around bpf_jit_limit to make it readable via sysctl.
Things I'm not sure about:
* Is it OK to expose atomic_long_t bpf_jit_limit like this? The sysctl code
isn't atomic, but maybe it's fine because it's read only.
* All of the JIT related sysctls are quite restrictive, you have to have
CAP_SYS_ADMIN / CAP_BPF _and_ be root as well. This makes it problematic
to scrape these to expose them as metrics. Can we relax this somewhat?
Lorenz
Lorenz Bauer (4):
bpf: define bpf_jit_alloc_exec_limit for riscv JIT
bpf: define bpf_jit_alloc_exec_limit for arm64 JIT
bpf: prevent increasing bpf_jit_limit above max
bpf: export bpf_jit_current
arch/arm64/net/bpf_jit_comp.c | 5 +++++
arch/riscv/net/bpf_jit_core.c | 5 +++++
include/linux/filter.h | 2 ++
kernel/bpf/core.c | 7 ++++---
net/core/sysctl_net_core.c | 9 ++++++++-
5 files changed, 24 insertions(+), 4 deletions(-)
--
2.30.2
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next reply other threads:[~2021-09-24 9:56 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-24 9:55 Lorenz Bauer [this message]
2021-09-24 9:55 ` [PATCH bpf-next 0/4] Fix up bpf_jit_limit some more Lorenz Bauer
2021-09-24 9:55 ` [PATCH bpf-next 1/4] bpf: define bpf_jit_alloc_exec_limit for riscv JIT Lorenz Bauer
2021-09-24 9:55 ` Lorenz Bauer
2021-09-24 15:28 ` Luke Nelson
2021-09-24 15:28 ` Luke Nelson
2021-09-24 9:55 ` [PATCH bpf-next 2/4] bpf: define bpf_jit_alloc_exec_limit for arm64 JIT Lorenz Bauer
2021-09-24 9:55 ` Lorenz Bauer
2021-09-29 16:18 ` Will Deacon
2021-09-29 16:18 ` Will Deacon
2021-09-24 9:55 ` [PATCH bpf-next 3/4] bpf: prevent increasing bpf_jit_limit above max Lorenz Bauer
2021-09-24 9:55 ` [PATCH bpf-next 4/4] bpf: export bpf_jit_current Lorenz Bauer
2021-09-27 13:34 ` Daniel Borkmann
2021-09-27 14:01 ` Jakub Sitnicki
2021-09-28 9:02 ` Lorenz Bauer
2021-09-29 14:56 ` Nicolas Dichtel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210924095542.33697-1-lmb@cloudflare.com \
--to=lmb@cloudflare.com \
--cc=andrii@kernel.org \
--cc=aou@eecs.berkeley.edu \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=kernel-team@cloudflare.com \
--cc=linux-riscv@lists.infradead.org \
--cc=netdev@vger.kernel.org \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.