On Thu, 1 Jun 2017 12:52:28 -0600, David Ahern wrote: > On 6/1/17 12:27 PM, Alexei Starovoitov wrote: > > 'I want to retrieve original instructions' is not a problem. It's a > > push for 'solution'. Explaining 'why' you want to see original > > instructions would describe the actual problem. > > I have explained this. > > You are creating this hyper-complex almost completely invisible > infrastructure. You are enabling binary blobs that can bypass the > network stack and modify packets with almost no introspection on what is > happening. BPF code can from a variety of sources -- OS vendors, > upstream repos, 3rd party vendors (eg., H/W vendors), and "in-house" > development. Each will swear to the end that any observed problem is not > with their code. In my experience, it falls on to the OS and kernel > experts to figure out why Linux is breaking something. To do that we > need tools to look at what code is running where and something that can > be used in production environments not requiring a disruption to the > service that the box is providing.
Forgive my ignorance, but is it possible to dump code of a loaded module out of the kernel?
