Re: [PATCH v8 1/2] seccomp: add a return code to trap to userspace

From: Kees Cook
Date: Tue Oct 30 2018 - 17:49:28 EST

Next message: Kees Cook: "Re: [PATCH v4] pstore: Avoid duplicate call of persistent_ram_zap()"
Previous message: Igor Stoppa: "Re: [PATCH 10/17] prmem: documentation"
In reply to: Kees Cook: "Re: [PATCH v8 1/2] seccomp: add a return code to trap to userspace"
Next in thread: Tycho Andersen: "Re: [PATCH v8 1/2] seccomp: add a return code to trap to userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Oct 29, 2018 at 3:40 PM, Tycho Andersen <tycho@xxxxxxxx> wrote:
> * switch to a flags based future-proofing mechanism for struct
> seccomp_notif and seccomp_notif_resp, thus avoiding version issues
> with structure length (Kees)
[...]
>
> +struct seccomp_notif {
> + __u64 id;
> + __u32 pid;
> + __u32 flags;
> + struct seccomp_data data;
> +};
> +
> +struct seccomp_notif_resp {
> + __u64 id;
> + __s64 val;
> + __s32 error;
> + __u32 flags;
> +};

Hrm, so, what's the plan for when struct seccomp_data changes size?
I'm realizing that it might be "too late" for userspace to discover
it's running on a newer kernel. i.e. it gets a user notification, and
discovers flags it doesn't know how to handle. Do we actually need
both flags AND a length? Designing UAPI is frustrating! :)

Do we need another ioctl to discover the seccomp_data size maybe?

--
Kees Cook

Next message: Kees Cook: "Re: [PATCH v4] pstore: Avoid duplicate call of persistent_ram_zap()"
Previous message: Igor Stoppa: "Re: [PATCH 10/17] prmem: documentation"
In reply to: Kees Cook: "Re: [PATCH v8 1/2] seccomp: add a return code to trap to userspace"
Next in thread: Tycho Andersen: "Re: [PATCH v8 1/2] seccomp: add a return code to trap to userspace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]