From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.9 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9BF72C433DF for ; Sat, 6 Jun 2020 22:33:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7BA4D206A2 for ; Sat, 6 Jun 2020 22:33:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1591482818; bh=vPJj3jLSRzKiscPgvAT7ACdu8PVhP2SEEOKmWxBeITw=; h=References:In-Reply-To:From:Date:Subject:To:Cc:List-ID:From; b=Ce5NygfM/oUZ2ayuakFkCmvSrGctGVOV5uhIUzniHoYX4V+p+n9IOi2+2wOz3IfuF pVNoRfZjGml7rcX2tNRNeJn2V2XfKIvw6tb/13Hr7QyXizaFWahf6SzwRWjVn8mEpr 06SEAGK2kxQdCftxWisLFc0k8h7XMkWres3VbeYw= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728687AbgFFWdh (ORCPT ); Sat, 6 Jun 2020 18:33:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38460 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728479AbgFFWdh (ORCPT ); Sat, 6 Jun 2020 18:33:37 -0400 Received: from mail-lf1-x142.google.com (mail-lf1-x142.google.com [IPv6:2a00:1450:4864:20::142]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1C89DC03E96A for ; Sat, 6 Jun 2020 15:33:37 -0700 (PDT) Received: by mail-lf1-x142.google.com with SMTP id r125so7932239lff.13 for ; Sat, 06 Jun 2020 15:33:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3v5Kt8eWKoj8/dfeikK8krF25svghEw3lMoiT9ZcXk0=; b=eu2j1Y6krpt/zk9nzog/RgFPJNYImb6WDJAJ4Q3BH2EbU7xXBVn59g7FwqPU7fkIYd nIA7YYAmqf6rZR72RWPdr1NiipocRqwcLnHtA/zm37ImiNm+JzA4cfKk1HKQ1WYq9g67 mbfsgYhy8HsrX6T9EiQ6x5XUQF2CJ7Kna5Yl8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3v5Kt8eWKoj8/dfeikK8krF25svghEw3lMoiT9ZcXk0=; b=XbTsUaT1Prl4uIWKSnCLJZEhIrgQQV1SXD1GrnCsR1FgsOy4P22y0tTOytIDkwNR8L fxZCRI54boYDmt6ffze/zsXVUZirNrPL2OQRskfMmMgs6iSAsbynLNjLpxL8u0O9aX8x ZgZDosC+O6c/Nd2p0l+I8DC168+L5nOlqtVsczd7LbfOpSoZ8U3nfS4iWZS8f0lGa5TD CwGwRho5e964ojSJLNzOJxkpJJxUflMSFw4oiqhlmMZHhtJk5P1llrs3dLdGVWZ0aFVn U4/TwfCYfEvB8kJiu4EuKf/bkH9Eoh6ceu8cluj9pA5U6lHgqyv8u3odEyt52xZQLe/x hdZw== X-Gm-Message-State: AOAM531AbrmarJKWSko+fdA/5caoJDqRgAHKVWf2mNbQWuu4psATKTRC Y5Lmr3Nci/PqAE4cNDYnDvicWANsRjE= X-Google-Smtp-Source: ABdhPJxNh6Pm6txabejzRGvEoUH2iK7kgF8FfyKRpQH7NRAMvoHdguuoRVdCYm3QadhmA4o7ztf5/g== X-Received: by 2002:a19:7714:: with SMTP id s20mr8686824lfc.161.1591482813391; Sat, 06 Jun 2020 15:33:33 -0700 (PDT) Received: from mail-lf1-f41.google.com (mail-lf1-f41.google.com. [209.85.167.41]) by smtp.gmail.com with ESMTPSA id k15sm2280727lji.26.2020.06.06.15.33.30 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 06 Jun 2020 15:33:31 -0700 (PDT) Received: by mail-lf1-f41.google.com with SMTP id d7so7955707lfi.12 for ; Sat, 06 Jun 2020 15:33:30 -0700 (PDT) X-Received: by 2002:a05:6512:62:: with SMTP id i2mr8657693lfo.152.1591482810474; Sat, 06 Jun 2020 15:33:30 -0700 (PDT) MIME-Version: 1.0 References: <20200329005528.xeKtdz2A0%akpm@linux-foundation.org> <13fb3ab7-9ab1-b25f-52f2-40a6ca5655e1@i-love.sakura.ne.jp> <202006051903.C44988B@keescook> <875zc4c86z.fsf_-_@x220.int.ebiederm.org> <20200606201956.rvfanoqkevjcptfl@ast-mbp> In-Reply-To: <20200606201956.rvfanoqkevjcptfl@ast-mbp> From: Linus Torvalds Date: Sat, 6 Jun 2020 15:33:14 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [RFC][PATCH] net/bpfilter: Remove this broken and apparently unmantained To: Alexei Starovoitov Cc: "Eric W. Biederman" , Kees Cook , Tetsuo Handa , Andrew Morton , Alexei Starovoitov , David Miller , Al Viro , bpf , linux-fsdevel , Daniel Borkmann , Jakub Kicinski , Masahiro Yamada , Gary Lin , Bruno Meneguele Content-Type: text/plain; charset="UTF-8" Sender: bpf-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org On Sat, Jun 6, 2020 at 1:20 PM Alexei Starovoitov wrote: > > Please mention specific bugs and let's fix them. Well, Eric did mention one explicit bug, and several "looks dodgy" bugs. And the fact is, this isn't used. It's clever, and I like the concept, but it was probably a mistake to do this as a user-mode-helper thing. If people really convert netfilter rules to bpf, they'll likely do so in user space. This bpfilter thing hasn't gone anywhere, and it _has_ caused problems. So Alexei, I think the burden of proof is not on Eric, but on you. Eric's claim is that (a) it has bugs (and yes, he pointed to at lelast one) (b) it's not doing anything useful (b) it's a maintenance issue for execve, which is what Eric maintains. So you can't just dismiss this, ignore the reported bug, and say "we'll fix them". That only answers (a) (well, it _would_ have answered (a)., except you actually didn't even read Eric's report of existing bugs). What is your answer to (b)-(c)? Linus