Re: [PATCH v5 bpf-next 2/3] bpf: implement CAP_BPF

On Tuesday, May 12, 2020 2:36 AM, Alexei Starovoitov wrote: > On Mon, May 11, 2020 at 05:12:10PM -0700, s...@google.com wrote: > > > On 05/08, Alexei Starovoitov wrote: > > > > > From: Alexei Starovoitov a...@kernel.org > > > [..] > > > @@ -3932,7 +3977,7 @@ SYSCALL_DEFINE3(bpf, int, cmd, union

Re: [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf

On Friday, August 16, 2019 9:59 AM, Thomas Gleixner wrote: > On Fri, 16 Aug 2019, Jordan Glover wrote: > > > "systemd --user" service? Trying to do so will fail with: > > "Failed to apply ambient capabilities (before UID change): Operation not > > permi

Re: [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf

On Thursday, August 15, 2019 11:08 PM, Alexei Starovoitov wrote: > On Thu, Aug 15, 2019 at 11:36:43AM -0700, Andy Lutomirski wrote: > > > On Thu, Aug 15, 2019 at 10:29 AM Alexei Starovoitov > > alexei.starovoi...@gmail.com wrote: > > > > > On Thu, Aug 15, 2019 a

Re: [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf

On Thursday, August 15, 2019 5:28 PM, Alexei Starovoitov wrote: > On Thu, Aug 15, 2019 at 11:24:54AM +0000, Jordan Glover wrote: > > > On Wednesday, August 14, 2019 10:05 PM, Alexei Starovoitov > > alexei.starovoi...@gmail.com wrote: > > > > > On Wed, Aug 1

Re: [PATCH v2 bpf-next 1/4] bpf: unprivileged BPF access via /dev/bpf

On Wednesday, August 14, 2019 10:05 PM, Alexei Starovoitov wrote: > On Wed, Aug 14, 2019 at 10:51:23AM -0700, Andy Lutomirski wrote: > > > If eBPF is genuinely not usable by programs that are not fully trusted > > by the admin, then no kernel changes at all are needed. Programs that > > want to