[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob.
|
From: |
Markus Armbruster |
|
Subject: |
Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob. |
|
Date: |
Tue, 16 May 2023 17:06:24 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) |
Daniel P. Berrangé <berrange@redhat.com> writes:
> On Tue, May 16, 2023 at 04:04:39PM +0200, Markus Armbruster wrote:
>> Daniel P. Berrangé <berrange@redhat.com> writes:
>>
>> > On Tue, May 16, 2023 at 12:23:28PM +0200, Markus Armbruster wrote:
>> >> Daniel P. Berrangé <berrange@redhat.com> writes:
>> >>
>> >> > On Tue, May 16, 2023 at 10:47:52AM +0200, Markus Armbruster wrote:
>> >>
>> >> [...]
>> >>
>> >> >> So, this is basically a way to retrieve an eBPF program by some
>> >> >> well-known name.
>> >> >>
>> >> >> Ignorant question: how are these programs desposited?
>> >> >
>> >> > The eBPF code blob is linked into QEMU at build time. THis API lets
>> >> > libvirt fetch it from QEMU, in base64 format. When libvirt later
>> >> > creates NICs, it can attach the eBPF code blob to the TAP device (which
>> >> > requires elevated privilleges that QEMU lacks). NB, libvirt would fetch
>> >> > the eBPF code from QEMU when probing capabilities, as once a VM is
>> >> > running it is untrusted.
>> >>
>> >> Okay, I can see how that helps. I trust the blob is in a read-only
>> >> segment. Ideally, libvirt fetches it before the guest runs.
>> >
>> > Whether the blob is in a read-only segment or not isn't important,
>> > because it transits writable memory in the QMP command marshalling.
>>
>> True. We could bypass marshalling. Unclean hack. Or we could sign the
>> bits cryptograhically. Key management headaches. Not worth it, because
>> fetching it before QEMU becomes untrusted is easier.
>>
>> However, I now wonder why we fetch it from QEMU. Why not ship it with
>> QEMU?
>
> Fetching it from QEMU gives us a strong guarantee that the eBPF
> code actually matches the QEMU binary we're talking to, which is
> useful if you're dealing with RPMs which can be upgraded behind
> your back, or have multiple parallel installs of QEMU.
Yes, but what makes this one different from all the other things that
need to match?
- [PATCH v2 2/6] ebpf: Added eBPF initialization by fds., (continued)
- [PATCH v2 2/6] ebpf: Added eBPF initialization by fds., Andrew Melnychenko, 2023/05/12
- [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Andrew Melnychenko, 2023/05/12
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Daniel P . Berrangé, 2023/05/15
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Markus Armbruster, 2023/05/16
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Daniel P . Berrangé, 2023/05/16
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Markus Armbruster, 2023/05/16
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Daniel P . Berrangé, 2023/05/16
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Markus Armbruster, 2023/05/16
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Daniel P . Berrangé, 2023/05/16
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob.,
Markus Armbruster <=
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Daniel P . Berrangé, 2023/05/16
- Re: [PATCH v2 5/6] qmp: Added new command to retrieve eBPF blob., Markus Armbruster, 2023/05/22
[PATCH v2 4/6] ebpf: Added declaration/initialization routines., Andrew Melnychenko, 2023/05/12
Re: [PATCH v2 0/6] eBPF RSS through QMP support., Andrew Melnichenko, 2023/05/12