Re: v2 of seccomp filter c/r patches

From: Andy Lutomirski
Date: Tue Sep 15 2015 - 14:14:16 EST


On Tue, Sep 15, 2015 at 9:07 AM, Tycho Andersen
<tycho.andersen@xxxxxxxxxxxxx> wrote:
> Hi Andy,
>
> On Mon, Sep 14, 2015 at 10:52:46AM -0700, Andy Lutomirski wrote:
>>
>> I'm not sure I entirely like this solution...
>
> Ok. Since we also aren't going to do all the eBPF stuff now, how about
> something that looks like this:
>
> struct seccomp_layer {
>         unsigned int size;
>         unsigned int type; /* SECCOMP_BPF_CLASSIC or SECCOMP_EBPF or ... */
>         bool inherited;
>         union {
>                 unsigned int insn_cnt;
>                 struct bpf_insn *insns;
>         };
> };
>
> with a ptrace command:
>
> ptrace(PTRACE_SECCOMP_DUMP_LAYER, pid, i, &layer);
>
> If we save a pointer to the current seccomp filter on fork (if there
> is one), then I think the inherited flag is just,
>
> inherited = is_ancestor(child->seccomp.filter, child->seccomp.inherited_filter)
>

I'm lost. What is the inherited flag for?

--Andy
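As an added illustration of the quoted proposal (example code written for this page, not from the patch series or the kernel): a small user-space model of a task's filter chain that records the newest filter at fork and computes the inherited flag for each layer index the proposed dump command would take. It reads is_ancestor per layer, so a layer counts as inherited when it sits at or below the fork-time filter; the struct names, seccomp_layer() and the -1/0/1 return convention are this example's own assumptions.

```c
#include <stdbool.h>

/* Constructed model of a task's seccomp filter stack (example code, not kernel
 * code): each attached filter links to the one installed before it. */
struct seccomp_filter { struct seccomp_filter *prev; };

struct task_seccomp {
    struct seccomp_filter *filter;           /* newest layer */
    struct seccomp_filter *inherited_filter; /* newest layer at fork time */
};

/* Installing a filter pushes it on top of the chain. */
static void seccomp_attach(struct task_seccomp *t, struct seccomp_filter *f)
{
    f->prev = t->filter;
    t->filter = f;
}

/* On fork the child starts with the parent's chain and records where it began. */
static void seccomp_fork(const struct task_seccomp *parent, struct task_seccomp *child)
{
    child->filter = parent->filter;
    child->inherited_filter = parent->filter;
}

/* True if 'anc' is 'f' itself or reachable from 'f' by walking ->prev. */
static bool is_ancestor(const struct seccomp_filter *f, const struct seccomp_filter *anc)
{
    for (; f; f = f->prev)
        if (f == anc)
            return true;
    return false;
}

/* Layer i counts from the newest filter (i == 0); NULL past the end. */
static struct seccomp_filter *seccomp_layer(const struct task_seccomp *t, unsigned int i)
{
    struct seccomp_filter *f = t->filter;
    for (; f && i; i--)
        f = f->prev;
    return f;
}

/* Inherited flag for layer i: 1 if the layer sits at or below the fork-time
 * snapshot, 0 if this task added it, -1 if layer i does not exist. */
static int seccomp_layer_inherited(const struct task_seccomp *t, unsigned int i)
{
    const struct seccomp_filter *f = seccomp_layer(t, i);
    return !f ? -1 : (is_ancestor(t->inherited_filter, f) ? 1 : 0);
}
```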
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/