Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob.
From: Daniel P. Berrangé
Subject: Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob.
Date: Tue, 16 May 2023 11:29:49 +0100
User-agent: Mutt/2.2.9 (2022-11-12)
On Tue, May 16, 2023 at 12:23:28PM +0200, Markus Armbruster wrote:
> Daniel P. Berrangé <berrange@redhat.com> writes:
>
> > On Tue, May 16, 2023 at 10:47:52AM +0200, Markus Armbruster wrote:
>
> [...]
>
> >> So, this is basically a way to retrieve an eBPF program by some
> >> well-known name.
> >>
> >> Ignorant question: how are these programs deposited?
> >
> > The eBPF code blob is linked into QEMU at build time. This API lets
> > libvirt fetch it from QEMU, in base64 format. When libvirt later
> > creates NICs, it can attach the eBPF code blob to the TAP device (which
> > requires elevated privileges that QEMU lacks). NB, libvirt would fetch
> > the eBPF code from QEMU when probing capabilities, as once a VM is
> > running it is untrusted.
>
> Okay, I can see how that helps. I trust the blob is in a read-only
> segment. Ideally, libvirt fetches it before the guest runs.
Whether the blob is in a read-only segment or not isn't important,
because it transits writable memory in the QMP command marshalling.
IOW, if we're trying to mitigate against compromised QEMU, we
*must* fetch it before vCPUs are started. If we're super paranoid,
we would want to fetch it before even opening untrusted disk images
too. It might push towards fetching it while probing capabilities
from a throw-away QEMU with "-m none".
> Please improve the QAPI schema doc comments to explain why and how the
> feature is to be used in a bit more detail. The existing text
>
> Function returns eBPF object that can be loaded with libbpf.
> Management applications (g.e. libvirt) may load it and pass file
> descriptors to QEMU. Which allows running QEMU without BPF capabilities.
>
> is too terse.
>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
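As an added illustration of the probe-time flow described in this message (example code, not part of the patch series or of libvirt): a management-side client negotiates QMP with a throw-away probe QEMU, confirms via the real `query-status` command that no vCPU has ever run, then fetches the base64 blob, decodes it and sanity-checks the ELF header before trusting it. The command name `FETCH_CMD` is a placeholder because this message does not name the patch's QMP command, and the "QEMU" side is a constructed fake serving a constructed ELF header prefix over a socketpair.

```python
import base64
import json
import socket
import threading

# Constructed stand-in for the build-time eBPF object: an ELF64 header prefix (libbpf loads ELF).
FAKE_EBPF_OBJECT = b"\x7fELF\x02\x01\x01" + b"\x00" * 9 + b"\x01\x00\xf7\x00"
FETCH_CMD = "request-ebpf-object"  # hypothetical name; the series' real command is not on this page

def _send(sock, obj):
    sock.sendall(json.dumps(obj).encode() + b"\n")

def fake_qemu_qmp_server(sock):
    # Stand-in for a throw-away probe QEMU (-S -m none): greeting first, then answer commands.
    sock.sendall(b'{"QMP": {"version": {}, "capabilities": []}}\n')
    for line in sock.makefile("rb"):
        cmd = json.loads(line)["execute"]
        if cmd == "qmp_capabilities":
            _send(sock, {"return": {}})
        elif cmd == "query-status":  # real QMP command; this QEMU never started its vCPUs
            _send(sock, {"return": {"status": "prelaunch", "running": False}})
        elif cmd == FETCH_CMD:
            _send(sock, {"return": {"object": base64.b64encode(FAKE_EBPF_OBJECT).decode()}})
        else:
            _send(sock, {"error": {"class": "CommandNotFound", "desc": cmd}})

def _call(sock, reader, command):
    _send(sock, {"execute": command})
    resp = json.loads(reader.readline())
    if "error" in resp:
        raise RuntimeError(f"{command}: {resp['error']['desc']}")
    return resp["return"]

def fetch_ebpf_blob(sock):
    reader = sock.makefile("rb")
    json.loads(reader.readline())["QMP"]  # greeting; KeyError if this is not a QMP endpoint
    _call(sock, reader, "qmp_capabilities")
    status = _call(sock, reader, "query-status")
    if status["running"] or status["status"] != "prelaunch":
        raise RuntimeError("guest already started; the blob can no longer be trusted")
    blob = base64.b64decode(_call(sock, reader, FETCH_CMD)["object"], validate=True)
    if blob[:4] != b"\x7fELF" or blob[18:20] != b"\xf7\x00":  # ELF magic and EM_BPF (247)
        raise ValueError("decoded blob is not an eBPF ELF object")
    return blob

def probe():
    client, server = socket.socketpair()
    threading.Thread(target=fake_qemu_qmp_server, args=(server,), daemon=True).start()
    with client:
        return fetch_ebpf_blob(client)
```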