Re: [RFC 0/1] BPF tracing for arm64 using fprobe

From: Steven Rostedt
Date: Mon Nov 21 2022 - 10:40:07 EST

Next message: Alexei Starovoitov: "Re: [RFC 0/1] BPF tracing for arm64 using fprobe"
Previous message: Borislav Petkov: "Re: [PATCH v4 1/6] x86: KVM: Advertise CMPccXADD CPUID to user space"
In reply to: KP Singh: "Re: [RFC 0/1] BPF tracing for arm64 using fprobe"
Next in thread: Jiri Kosina: "Re: [RFC 0/1] BPF tracing for arm64 using fprobe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 21 Nov 2022 16:29:54 +0100
KP Singh <kpsingh@xxxxxxxxxx> wrote:

> I am not sure how they can circumvent security since this needs root /
> root equivalent permissions. Fault injection is actually a very useful
> debugging tool.

On ChromeOS, we even consider root untrusted and lock down pretty
much all privileged activities (like loading modules and such).

As you said. It's a good debugging tool. Not something to allow in
production environments. Or at the very least, allow admins to disable it.

-- Steve

Next message: Alexei Starovoitov: "Re: [RFC 0/1] BPF tracing for arm64 using fprobe"
Previous message: Borislav Petkov: "Re: [PATCH v4 1/6] x86: KVM: Advertise CMPccXADD CPUID to user space"
In reply to: KP Singh: "Re: [RFC 0/1] BPF tracing for arm64 using fprobe"
Next in thread: Jiri Kosina: "Re: [RFC 0/1] BPF tracing for arm64 using fprobe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]