...
- Cross platform signing
- DaveT: Was anybody able to review the patch?
- Brian: Went through the conversation
- DaveT: Topic will be discussed in the eBPF foundation BSC meeting. 1 Week from today L3AF will be presenting. Next meeting - design of signing needs to be cross-platform.
- Two proposals:
  - Matteo's - cross-platform, very well aligned with L3AFd.
    - Would be helpful if the L3AF community supported this proposal
  - Other - approved list of binaries (Linux centric)
    - Can load anything that is on the authorized list.
    - Does not meet L3AF or eBPF for Windows needs.
  - Would be fine if both were merged
- DaveT: Cisco's (Chris) opinion would be very helpful
  - Weigh in on the Linux discussion group and on the BSC call.
  - Karan could add a bullet point to presentation - collective opinion of the L3AF community.
- Brian: Add a point in your document about this?
- Matteo's original patch was a config option to add only signed programs.
- Alexi's other patch is moving forward
- John Fastabend (on Linux discussion) and Luca agreed that the features needed by MSFT could be implemented inside of libBPF and as an eBPF program
- This conversation ended on Dec. 9th (Before Matteo presented at L3AF)
- DaveT: Meeting with Matteo after this call
- Brian: L3AF could include the signing eBPF program as part of its eBPF program chain. (According to discussion on Linux group)
- Vicky: Invite Matteo to next week's meeting.
  - Have L3AF call next week to discuss signing before BSC meeting.
- Louis: Will not be at the L3AF call next week, but will give the keys to an appropriate host.
- Brian: L3AF Kernel Marketplace
  - https://github.com/l3af-project/l3af-arch/discussions/9
  - DaveT suggests adding this as a PR for line-level comments (Brian will do)
- DaveT: Kernel functions only disallows eBPF programs that can be uploaded to NICs. Suggest a name change.
- Vicky: Suggest package manager as a concept for the name. Define broadly. Names have power.
- DaveT: The name implies scope.
- Brian: What should we name it?
  - eBPF is difficult to say and will probably need an acronym.
- Vicky: eBPF Package Manager == EPM
- Karan: EPM / eBPF package manager does make a lot of sense, in terms of scope
- Brian: is the Kernel Function Marketplace part of the L3AF project?
  - May make sense to migrate to its own project.
  - In the future a platform agnostic place may be apropos for the EPM
- Vicky: L3AF could be its initial client. This could really help L3AF. Define it as something standardized that a package manager can use.
  - This way the EPM would be a force to increase L3AF adoption and help us push towards standardization for both EPM and L3AF.
- DaveT: Benefits to both ways of doing this:
  - Inside L3AF then it is closely located with all the other parts of L3AF. This could help widen the scope of L3AF.
  - Outside L3AF then it can include things that do not work with the current version of L3AF.
  - There isn't a BSC opinion yet. It is forming now.
  - Distinguish between L3AFd and eBPF.
  - Answer: What is the L3AF project?
    - Today it is the L3AFd, but in the future we will expand scope.
- Vicky: EPM should be outside L3AF because there will be others working on it.
- DaveT: Is it part of one of these or both?
  - Thing that LF sanctions - L3AFP (legal entity)
  - L3AFp - Github repo
- DaveT: eBPF code signing portion in additional bullet point in the lifecycle management section.
- Brian: 2 different layers of signing
  - Package contribs of compiled source code (signed). This is app layer packaging.
  - Signing of eBPF programs.
  - Doc only currently talks about package signing
- DaveT: Please put that in proposal.
  - Some cases where signing should be done by author, others signed by the repository.
- Brian: Initial version Github repo may be sufficient
  - Assumes that everyone will be okay pushing their code to a L3AF Project repo
  - Revisions could be tested and reviewed by L3AF team
- DaveT: Requiring manual review? Good/Bad?
- Brian: Short term - no manual vetting
  - We currently do not have automatic review
- DaveT: Requirement to have automated review.
- Vicky: Marketplace needs manual review for safety.
- DaveT: Manual review could be optional.
- Vicky: Is part of the review going to be for security?
  - Automatic review - definitely. Manual reviews - maybe. (at the start)
- DaveT: Notion of private repo
- Jason: For startup we need manual review
- Brian: Hosting source code or packages
  - Source code - versioning etc.
  - Package or archive - what is needed to run the program along with docs
    - Signed by repo
- Karan: Please review doc. We will discuss in next meeting.
  - This is the area where we need support from the community.
- Brian: Will put up the pull request today.
  - Please discuss on PR.
- Louis: LEAF session is 8:15 ET; will this work?
- Daniel: Will check with Poorna
  - Need email for presenters.
- LFN induction - Need a separate meeting to discuss this
  - Needs a lot of community input.
  - General agreement.
*** Minutes from 12/15/2021 ***
...