On 10/5/15 1:48 PM, Alexei Starovoitov wrote:
Unprivileged socket filter bpf programs have access to the following helper functions: - map lookup/update/delete (but they cannot store kernel pointers into them) - get_random (it's already exposed to unprivileged user space) - get_smp_processor_id - tail_call into another socket filter program - ktime_get_ns - bpf_trace_printk (for debugging)
while reviewing everything for Nth time realized that bpf_trace_printk is useless for unprivileged users, since trace_pipe is root only. So going to drop it in V2. -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
