Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Subject: Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- From: Oleg Nesterov <oleg@xxxxxxxxxx>
- Date: Tue, 17 Jan 2012 17:45:23 +0100
- Cc: linux-kernel@xxxxxxxxxxxxxxx, keescook@xxxxxxxxxxxx, john.johansen@xxxxxxxxxxxxx, serge.hallyn@xxxxxxxxxxxxx, coreyb@xxxxxxxxxxxxxxxxxx, pmoore@xxxxxxxxxx, eparis@xxxxxxxxxx, djm@xxxxxxxxxxx, torvalds@xxxxxxxxxxxxxxxxxxxx, segoon@xxxxxxxxxxxx, rostedt@xxxxxxxxxxx, jmorris@xxxxxxxxx, scarybeasts@xxxxxxxxx, avi@xxxxxxxxxx, penberg@xxxxxxxxxxxxxx, viro@xxxxxxxxxxxxxxxxxx, luto@xxxxxxx, mingo@xxxxxxx, akpm@xxxxxxxxxxxxxxxxxxxx, khilman@xxxxxx, borislav.petkov@xxxxxxx, amwang@xxxxxxxxxx, ak@xxxxxxxxxxxxxxx, eric.dumazet@xxxxxxxxx, gregkh@xxxxxxx, dhowells@xxxxxxxxxx, daniel.lezcano@xxxxxxx, linux-fsdevel@xxxxxxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, olofj@xxxxxxxxxxxx, mhalcrow@xxxxxxxxxx, dlaor@xxxxxxxxxx, Roland McGrath <mcgrathr@xxxxxxxxxxxx>, Andi Kleen <andi@xxxxxxxxxxxxxx>, indan@xxxxxx
- In-reply-to: <CABqD9hY3DtOqBWDofMQhHNKeUbz4ebfOENKVJkqE+AjRqZFkZA@mail.gmail.com>
- List-id: <linux-security-module.vger.kernel.org>
- User-agent: Mutt/1.5.18 (2008-05-17)
On 01/16, Will Drewry wrote:
>
> On Mon, Jan 16, 2012 at 12:37 PM, Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
> >
> > Yes, thanks, I forgot about compat tasks again. But this is easy, just
> > we need regs_64_to_32().
>
> Yup - we could make the assumption that is_compat_task is always
> 32-bit and the pt_regs is always 64-bit, then copy_and_truncate with
> regs_64_to_32. Seems kinda wonky though :/
much simpler/faster than what regset does to create the artificial
user_regs_struct32.
> > Doesn't matter. I think Indan has a better suggestion.
>
> I disagree, but perhaps I'm not fully understanding!
I have much more chances to be wrong ;) I leave it to you and Indan.
Oleg.
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
- References:
- [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
- Re: [RFC,PATCH 1/2] seccomp_filters: system call filtering using BPF
[Fedora Maintainers]
[Fedora Desktop]
[Fedora SELinux]
[Yosemite News]
[Yosemite Photos]
[KDE Users]
[Fedora Tools]
