> On Jun 26, 2019, at 8:26 AM, Lorenz Bauer <l...@cloudflare.com> wrote: > > On Wed, 26 Jun 2019 at 16:19, Song Liu <songliubrav...@fb.com> wrote: >>> I know nothing about the scheduler, so pardon my ignorance. Does >>> TASK_BPF_FLAG_PERMITTED apply per user-space process, or per thread? >> >> It is per thread. clone() also clears the bit. I will make it more >> clear int the commit log. > > In that case this is going to be very hard if not impossible to use > from languages that > don't allow controlling threads, aka Go. I'm sure there are other > examples as well. > > Is it possible to make this per-process instead? We can probably use CLONE_THREAD flag to differentiate clone() and fork(). I need to read it more carefully to determine whether this is accurate and safe. Thanks, Song
- [PATCH bpf-next 0/4] sys_bpf() access control via /dev/... Song Liu
- [PATCH bpf-next 3/4] libbpf: add libbpf_[get|put]_... Song Liu
- [PATCH bpf-next 1/4] bpf: unprivileged BPF access ... Song Liu
- Re: [PATCH bpf-next 1/4] bpf: unprivileged BPF... Lorenz Bauer
- Re: [PATCH bpf-next 1/4] bpf: unprivileged... Song Liu
- Re: [PATCH bpf-next 1/4] bpf: unprivil... Lorenz Bauer
- Re: [PATCH bpf-next 1/4] bpf: unp... Song Liu
- Re: [PATCH bpf-next 1/4] bpf: unprivileged BPF... Song Liu
- Re: [PATCH bpf-next 1/4] bpf: unprivileged... Greg KH
- Re: [PATCH bpf-next 1/4] bpf: unprivil... Song Liu
- Re: [PATCH bpf-next 1/4] bpf: unp... Greg KH
- Re: [PATCH bpf-next 1/4] bpf:... Song Liu
- Re: [PATCH bpf-next 1/4] ... Greg KH
- [PATCH bpf-next 4/4] bpftool: use libbpf_[get|put]... Song Liu
- [PATCH bpf-next 2/4] bpf: sync tools/include/uapi/... Song Liu
- Re: [PATCH bpf-next 0/4] sys_bpf() access control ... Stanislav Fomichev
- Re: [PATCH bpf-next 0/4] sys_bpf() access cont... Alexei Starovoitov
