01-05-2022 TSC Meeting Minutes

TSC Meeting Zoom link

Meeting Recording

Meeting Chat File

Attendees & Representation. Please add your name to the attendance table below.



Attendees

Name                      Company
@Daniel Havey             Microsoft
@Eric Tice                Wipro
@VM (Vicky) Brasseur      Wipro
@Brian Merrell            Walmart
@Karan Dalal              Walmart
@Balachandra Kamat        Wipro
@Dave Thaler              Microsoft
Divya Reddy               Walmart
@Jason Niesz              Walmart
@Satya Pradhan
@Kanthi Pavuluri

LF Staff: @LJ Illuzzi

Agenda

  • General Topics (cover as needed)

    • Use Cases

    • Roadmap

    • Project structure

      • Governance

      • Technical Steering Committee

Minutes/Updates

Cross-platform signing proposal:

Details:

Matteo Croce from Microsoft joined today’s TSC call (excellent notes here, thanks to Daniel’s speedy fingers) to introduce and discuss his BPF patch to support cross-platform signing. Unfortunately, several key people were unable to make it to today’s call (that’s the holidays for you), so Matteo was able to introduce his patch but we weren’t able to get into a deep conversation about it.

A summary of today’s discussion: Matteo’s patch is cross-platform and will allow signed BPF programs to be distributed remotely. Soon after Matteo’s patch, Alexei (maintainer of BPF) sent over a separate patch for signing BPF programs. It relies on an approve-list(*) as well as on Linux’s fs-verity (meaning it’s not cross-platform).

The full discussion is in the recording of today’s call. Please give it a listen.

We had planned to make an in-depth discussion of this the topic of the next TSC call, but it seems Matteo’s patch is time-sensitive. Since the next call is January 5th, we’ll need people to have a look at the patch and the conversation in response to it, and then come up with an opinion based upon L3AF and its needs. That opinion should be expressed in the conversation on the patch.

  • Cross platform signing

    • DaveT: Was anybody able to review the patch?

      • Brian: Went through the conversation

    • DaveT: Topic will be discussed in the eBPF Foundation BSC meeting. One week from today L3AF will be presenting. Next meeting: design of signing needs to be cross-platform.

      • Two proposals:

        • Matteo's - cross-platform, very well aligned with L3AFd.

          • Would be helpful if the L3AF community supported this proposal

        • Other - approved list of binaries (Linux-centric)

          • Can load anything that is on the authorized list.

          • Does not meet L3AF or eBPF for Windows needs.

        • Would be fine if both were merged

    • DaveT: Cisco's (Chris) opinion would be very helpful

      • Weigh in on the Linux discussion group and on the BSC call.

      • Karan could add a bullet point to presentation - collective opinion of the L3AF community.

      • Brian: Add a point in your document about this?

        • Matteo's original patch was a config option to add only signed programs.

        • Alexei's other patch is moving forward

        • John Fastabend (on Linux discussion) and Luca agreed that the features needed by MSFT could be implemented inside of libbpf and as an eBPF program

        • This conversation ended on Dec. 9th (before Matteo presented at L3AF)

      • DaveT: Meeting with Matteo after this call

      • Brian: L3AF could include the signing eBPF program as part of its eBPF program chain. (According to discussion on Linux group)

      • Vicky: Invite Matteo to next week's meeting.

      • Have L3AF call next week to discuss signing before BSC meeting.

      • Louis: Will not be at the L3AF call next week but will give the keys to an appropriate host.

  • Brian: L3AF Kernel Marketplace

    • https://github.com/l3af-project/l3af-arch/discussions/9

    • DaveT suggests adding this as a PR for line-level comments (Brian will do)

    • DaveT: "Kernel functions" only disallows eBPF programs that can be uploaded to NICs. Suggest a name change.

    • Vicky: Suggest package manager as a concept for the name. Define broadly. Names have power.

    • DaveT: The name implies scope.

  • Brian: What should we name it?

    • eBPF is difficult to say and will probably need an acronym.

    • Vicky: eBPF Package Manager == EPM

    • Karan: EPM / eBPF package manager does make a lot of sense, in terms of scope

  • Brian: is the Kernel Function Marketplace part of the L3AF project?

    • May make sense to migrate to its own project.

      • In the future a platform agnostic place may be apropos for the EPM

        • Vicky: L3AF could be its initial client. This could really help L3AF. Define it as something standardized that a package manager can use.

        • This way the EPM would be a force to increase L3AF adoption and help us push towards standardization for both EPM and L3AF.

    • DaveT: Benefits to both ways of doing this:

      • Inside L3AF then it is closely located with all the other parts of L3AF. This could help widen the scope of L3AF.

      • Outside L3AF then it can include things that do not work with the current version of L3AF.

      • There isn't a BSC opinion yet. It is forming now.

      • Distinguish between L3AFd and eBPF.

      • Answer: What is the L3AF project?

        • Today it is the L3AFd, but in the future we will expand scope.

    • Vicky: EPM should be outside L3AF because there will be others working on it.

    • DaveT: Is it part of one of these or both?

      • Thing that LF sanctions - L3AFP (legal entity)

      • L3AFp - GitHub repo

  • DaveT: Add the eBPF code signing portion as an additional bullet point in the lifecycle management section.

    • Brian: 2 different layers of signing

      • Package contribs of compiled source code (signed). This is app-layer packaging.

      • Signing of eBPF programs.

      • Doc only currently talks about package signing

    • DaveT: Please put that in proposal.