On Wed, Apr 25, 2018 at 05:37:39PM +0200, Daniel Borkmann wrote:
> On 04/25/2018 04:14 PM, Alexei Starovoitov wrote:
> > On Wed, Apr 25, 2018 at 05:25:47PM +0800, Leo Yan wrote:
> >>
> >> If we have concern for security issue, should we remove support for
> >> 'bpf_jit_enable = 2' and modify the do
On 04/25/2018 04:14 PM, Alexei Starovoitov wrote:
> On Wed, Apr 25, 2018 at 05:25:47PM +0800, Leo Yan wrote:
>>
>> If we have concern for security issue, should we remove support for
>> 'bpf_jit_enable = 2' and modify the doc to reflect this change?
>
> I suggest to fix the doc.
Agree, lets do th
On Wed, Apr 25, 2018 at 05:25:47PM +0800, Leo Yan wrote:
>
> If we have concern for security issue, should we remove support for
> 'bpf_jit_enable = 2' and modify the doc to reflect this change?
I suggest to fix the doc.
Hi Daniel,
On Wed, Apr 25, 2018 at 11:12:21AM +0200, Daniel Borkmann wrote:
> On 04/25/2018 10:18 AM, Leo Yan wrote:
> > After enabled BPF_JIT_ALWAYS_ON config, bpf_jit_enable always equals to
> > 1; it is impossible to set 'bpf_jit_enable = 2' and the kernel has no
> > chance to call bpf_jit_dump
On 04/25/2018 10:18 AM, Leo Yan wrote:
> After enabled BPF_JIT_ALWAYS_ON config, bpf_jit_enable always equals to
> 1; it is impossible to set 'bpf_jit_enable = 2' and the kernel has no
> chance to call bpf_jit_dump().
>
> This patch relaxes bpf_jit_enable range to [1..2] when kernel config
> BPF_J
After enabled BPF_JIT_ALWAYS_ON config, bpf_jit_enable always equals to
1; it is impossible to set 'bpf_jit_enable = 2' and the kernel has no
chance to call bpf_jit_dump().
This patch relaxes bpf_jit_enable range to [1..2] when kernel config
BPF_JIT_ALWAYS_ON is enabled so can invoke jit dump.
Si
