Announcement

Collapse
No announcement yet.

Microsoft & Others Form The eBPF Foundation

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    Originally posted by linner View Post
    Hey, while we're at it, why not embed Java, Python, PHP, and Javascript directly in the kernel?! I mean it's the ultimate flexibility for expanding the kernel without needing to make a proper module, etc. Just load and run your scripts right in the kernel. What could possibly go wrong!
    Also, promote the integration of new code done in a relatively new programming language without ISO standards and only properly implemented by one compiler.

    What could possibly go wrong?

    Linus, what are you smoking?

    Comment


    • #22
      ITT a bunch of people with obviously zero idea how ebpf in Linux works make up a bunch of nonsense "theories" about as accurate as "hacking" on television.

      Comment


      • #23
        Originally posted by linner View Post
        Hey, while we're at it, why not embed Java, Python, PHP, and Javascript directly in the kernel?! I mean it's the ultimate flexibility for expanding the kernel without needing to make a proper module, etc. Just load and run your scripts right in the kernel. What could possibly go wrong!
        Hehehehe ... nice one

        Comment


        • #24
          I think the area that many people do not understand (including me) is how the eBPF validator ensures that the eBPF code submitted will not harm the kernel's execution. This is why the discussion over whether eBPF is Turing-complete is germane, as validation of a Turing-complete language is effectively a restatement of the well known halting problem, which is provably not possible to solve in the general case.

          The eBPF implementation has certain restrictions that are meant to make validation by the eBPF validator possible (that is, it is not the general case): bounded loops, and a restriction on the total number of statements executed in a program. There may be others. So the end result is that kernel safety is dependent on the design of eBPF language, any external restrictions imposed, and proper functioning of the validator.

          How do we know that the language, the restrictions, and the validator together make arbitrary eBPF code kernel-safe? Presumably Linus is convinced, as are other clever people involved in the project, so is there an eBPF kernel-safety guarantees for dummies guide somewhere I can be referred to? This dummy would like to read it.

          Comment


          • #25
            Rather insane to join in-kernel JIT, while their research team finds JavaScript JIT too insecure for a desktop app! https://youtu.be/WmZd2BFQdFs

            Comment


            • #26
              Originally posted by partcyborg View Post
              ITT a bunch of people with obviously zero idea how ebpf in Linux works make up a bunch of nonsense "theories" about as accurate as "hacking" on television.
              Meanwhile, eBPF experts fail to explain to stupid wannabees like me about how this can't go wrong. I just read tons of buzzwords and promises everywhere.

              If certain people think paranoids like me are wrong, please provide strong arguments.

              Meanwhile, I find eBPF information about it's potential cross-platform rootkit possibilities.

              Take a deep dive into the security implications for eBPF users by exploring how eBPF is used in Linux and Cloud environments, and how it can be abused by attackers.


              Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.






              Linux Kernel 4.11 - eBPF Verifier Log Leaks Lower Half of map Pointer. CVE-2017-9150 . dos exploit for Linux platform


              Please prove me and others are wrong!

              Comment


              • #27
                “There are two types of people: some are rolling the world, while others (phoronix users) are running alongside and shouting:" God, where is this world heading? "

                Comment


                • #28
                  Originally posted by RedEyed View Post
                  “There are two types of people: some are rolling the world, while others (phoronix users) are running alongside and shouting:" God, where is this world heading? "
                  The first type of 'people' you mention are actually a handful of the most anti-privacy, anti-competition, and anti-freedom companies in existence.
                  It would be insane to not scrutinize them. This could be good technology or garbage but we don't yet know and like all things we should be critical thinkers in our approach

                  Comment


                  • #29
                    Originally posted by GMAHN View Post

                    The first type of 'people' you mention are actually a handful of the most anti-privacy, anti-competition, and anti-freedom companies in existence.
                    It would be insane to not scrutinize them. This could be good technology or garbage but we don't yet know and like all things we should be critical thinkers in our approach
                    Yes, that's correct. At my opinion, phoronix users became very non critical thinkers when they meet Micro$oft and linux in the same title

                    Also, look at this in different way: The first type of 'people' actually contribute much more to the linux (rolling the world) than an average phoronix user.
                    Last edited by RedEyed; 13 August 2021, 07:17 AM.

                    Comment


                    • #30
                      Originally posted by RedEyed View Post

                      Yes, that's correct. At my opinion, phoronix users became very non critical thinkers when they meet Micro$oft and linux in the same title

                      Also, look at this in different way: The first type of 'people' actually contribute much more to the linux (rolling the world) than an average phoronix user.
                      These companies and their practices are one of the reasons that FOSS is important to begin with and it turns out that everyone benefits from it but these companies are not the heart and soul of Linux and thus we must be vigilant critical thinkers

                      Comment

                      Working...
                      X