On Mon, Jul 11, 2022 at 12:56:28PM +0200, Jiri Olsa wrote:
> On Mon, Jul 11, 2022 at 10:32:18AM +0200, Artem Savkov wrote:
> > Add a BPF_F_DESTRUCTIVE will be required to be supplied to
> > BPF_PROG_LOAD for programs to utilize destructive helpers such as
> > bpf_panic().
>
> I'd think that having kernel.destructive_bpf_enabled sysctl knob enabled
> would be enough to enable that helper from any program, not sure having
> extra load flag adds more security

I agree it doesn't add more security. The idea was to have a way for a
developer to explicitly state he understands this will be dangerous. This
flag can also translate well into something like a --destructive option
for bpftrace without needing to keep a list of destructive helpers on
their side.

--
Artem