From: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
To: Will Drewry <wad@chromium.org>
Cc: linux-kernel@vger.kernel.org, kees.cook@canonical.com,
torvalds@linux-foundation.org, tglx@linutronix.de, mingo@elte.hu,
rostedt@goodmis.org, jmorris@namei.org
Subject: Re: [PATCH v4 04/13] seccomp_filter: add process state reporting
Date: Tue, 7 Jun 2011 16:56:13 -0700
Message-ID: <20110607235613.GA21645@linux.vnet.ibm.com>
In-Reply-To: <1307133252-23259-4-git-send-email-wad@chromium.org>
On Fri, Jun 03, 2011 at 03:34:03PM -0500, Will Drewry wrote:
> Adds seccomp and seccomp_filter status reporting to proc.
> /proc/<pid>/seccomp_filter provides the current seccomp mode
> and the list of allowed or dynamically filtered system calls.
>
> v4: move from rcu guard to mutex guard
Just in case the mutex guard turns into a bottleneck... Replacing
your earlier racy rcu_assign_pointer() with xchg() would allow
the "winner" to free up the "loser"'s structure.
Of course, if the mutex guard works well for you, why bother?
Thanx, Paul
> v3: changed to using filters directly.
> v2: removed status entry, added seccomp file.
> (requested by kosaki.motohiro@jp.fujitsu.com)
> allowed S_IRUGO reading of entries
> (requested by viro@zeniv.linux.org.uk)
> added flags
> got rid of the seccomp_t type
> dropped seccomp file
>
> Signed-off-by: Will Drewry <wad@chromium.org>
> ---
> fs/proc/base.c | 29 +++++++++++++++++++++++++++++
> 1 files changed, 29 insertions(+), 0 deletions(-)
>
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index dfa5327..6dc4df8 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -73,6 +73,7 @@
> #include <linux/security.h>
> #include <linux/ptrace.h>
> #include <linux/tracehook.h>
> +#include <linux/seccomp.h>
> #include <linux/cgroup.h>
> #include <linux/cpuset.h>
> #include <linux/audit.h>
> @@ -579,6 +580,28 @@ static int proc_pid_syscall(struct task_struct *task, char *buffer)
> }
> #endif /* CONFIG_HAVE_ARCH_TRACEHOOK */
>
> +/*
> + * Print out the current seccomp filter set for the task.
> + */
> +#ifdef CONFIG_SECCOMP_FILTER
> +int proc_pid_seccomp_filter_show(struct seq_file *m, struct pid_namespace *ns,
> + struct pid *pid, struct task_struct *task)
> +{
> + struct seccomp_filters *filters;
> + /* Avoid allowing other processes to incur too much added contention by
> + * only acquiring a reference under the task-wide mutex.
> + */
> + if (mutex_lock_killable(&task->seccomp.filters_guard))
> + return -1;
> + filters = get_seccomp_filter(task->seccomp.filters);
> + mutex_unlock(&task->seccomp.filters_guard);
> +
> + seccomp_show_filters(filters, m);
> + put_seccomp_filter(filters);
> + return 0;
> +}
> +#endif /* CONFIG_SECCOMP_FILTER */
> +
> /************************************************************************/
> /* Here the fs part begins */
> /************************************************************************/
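Review bot: the error path `if (mutex_lock_killable(&task->seccomp.filters_guard)) return -1;` throws away the -EINTR that mutex_lock_killable() returns and hands back a bare -1, which a reader of /proc/<pid>/seccomp_filter sees as EPERM; propagate the value instead (`int ret = mutex_lock_killable(...); if (ret) return ret;`) so an interrupted read is reported as EINTR. The hunk also has no path for a task with no filter set installed (seccomp mode 0, or mode 1 without dynamic filters): get_seccomp_filter(), seccomp_show_filters() and put_seccomp_filter() are all handed whatever task->seccomp.filters holds, so either those helpers must tolerate NULL or this function should check for it and print only the mode, which the commit message says the file reports.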
> @@ -2838,6 +2861,9 @@ static const struct pid_entry tgid_base_stuff[] = {
> #ifdef CONFIG_HAVE_ARCH_TRACEHOOK
> INF("syscall", S_IRUGO, proc_pid_syscall),
> #endif
> +#ifdef CONFIG_SECCOMP_FILTER
> + ONE("seccomp_filter", S_IRUGO, proc_pid_seccomp_filter_show),
> +#endif
> INF("cmdline", S_IRUGO, proc_pid_cmdline),
> ONE("stat", S_IRUGO, proc_tgid_stat),
> ONE("statm", S_IRUGO, proc_pid_statm),
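Review bot: S_IRUGO makes the allowed or filtered syscall list of every process readable by every user, and the handler added above performs no access check of its own, so a sandboxed process belonging to another user has its attack surface map published to anyone who can open /proc. The commit message records that world-readable entries were requested, but this file is more sensitive than the other S_IRUGO entries in this table; either register it S_IRUSR, or have proc_pid_seccomp_filter_show() return -EACCES unless ptrace_may_access(task, PTRACE_MODE_READ) succeeds for the reader.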
> @@ -3180,6 +3206,9 @@ static const struct pid_entry tid_base_stuff[] = {
> #ifdef CONFIG_HAVE_ARCH_TRACEHOOK
> INF("syscall", S_IRUGO, proc_pid_syscall),
> #endif
> +#ifdef CONFIG_SECCOMP_FILTER
> + ONE("seccomp_filter", S_IRUGO, proc_pid_seccomp_filter_show),
> +#endif
> INF("cmdline", S_IRUGO, proc_pid_cmdline),
> ONE("stat", S_IRUGO, proc_tid_stat),
> ONE("statm", S_IRUGO, proc_pid_statm),
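Review bot: the diffstat lists only fs/proc/base.c, so the new /proc/<pid>/seccomp_filter and /proc/<pid>/task/<tid>/seccomp_filter files are not described in Documentation/filesystems/proc.txt; add an entry there giving the output format (mode line plus the filter list) and noting that the entry is per-thread, since this hunk exposes it in tid_base_stuff alongside the tgid entry and the handler reads the individual task's seccomp state.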
> --
> 1.7.0.4
>
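Paul's suggestion above, that installing the filter pointer with xchg() lets the "winner" free the "loser"'s structure, rendered as an added user-space example; this is not code from the patch or from the kernel. It assumes a constructed stand-in `struct filters` in place of the patch's `struct seccomp_filters`, uses C11 `atomic_exchange()` as the analogue of the kernel's `xchg()`, and has writers only: with no concurrent readers the displaced structure can be freed immediately, whereas in the kernel reclamation would go through put_seccomp_filter() and an RCU grace period.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Stand-in for the patch's struct seccomp_filters (constructed for this
 * example; the real structure is refcounted and RCU-managed). */
struct filters {
    int owner;  /* id of the installer that allocated it */
};

/* The published pointer, playing the role of task->seccomp.filters. */
static _Atomic(struct filters *) current_filters;
static atomic_int nr_allocated;  /* structures handed to install_filters() */
static atomic_int nr_freed;      /* displaced structures freed by a winner */

/*
 * Publish @fresh and hand back whatever it displaced.  atomic_exchange()
 * is the user-space analogue of the kernel's xchg(): reading the old
 * value and storing the new one is a single atomic step, so two racing
 * installers can never both observe the same old pointer (double free)
 * and no installed pointer can be overwritten without being returned to
 * exactly one caller (leak).  A plain "old = p; p = new;" sequence, the
 * racy assignment Paul refers to, gives neither guarantee.
 */
static struct filters *install_filters(struct filters *fresh)
{
    return atomic_exchange(&current_filters, fresh);
}

static void *installer(void *arg)
{
    struct filters *mine = malloc(sizeof(*mine));
    struct filters *old;

    if (!mine)
        return NULL;
    mine->owner = (int)(intptr_t)arg;
    atomic_fetch_add(&nr_allocated, 1);

    old = install_filters(mine);
    if (old) {
        /* The winner frees the loser's structure.  In the kernel this
         * would be put_seccomp_filter() with reclamation deferred until
         * no reader can still hold @old; here there are no readers. */
        free(old);
        atomic_fetch_add(&nr_freed, 1);
    }
    return NULL;
}

/*
 * Start @n installers racing to publish their own filter set and return
 * how many structures the winners freed.  Whatever the interleaving,
 * exactly one set survives and the other n-1 are freed exactly once.
 * Returns -1 if a thread could not be created.
 */
int race_installers(int n)
{
    pthread_t *threads = calloc((size_t)n, sizeof(*threads));
    struct filters *survivor;
    int i, started = 0;

    if (!threads)
        return -1;
    atomic_store(&current_filters, (struct filters *)NULL);
    atomic_store(&nr_allocated, 0);
    atomic_store(&nr_freed, 0);

    for (i = 0; i < n; i++) {
        if (pthread_create(&threads[i], NULL, installer,
                           (void *)(intptr_t)i))
            break;
        started++;
    }
    for (i = 0; i < started; i++)
        pthread_join(threads[i], NULL);
    free(threads);

    /* Retire the surviving set the same way, so nothing leaks. */
    survivor = atomic_exchange(&current_filters, (struct filters *)NULL);
    free(survivor);
    return started == n ? atomic_load(&nr_freed) : -1;
}

int filters_allocated(void)
{
    return atomic_load(&nr_allocated);
}

int main(void)
{
    int freed = race_installers(8);

    printf("allocated %d, winners freed %d, one survivor retired\n",
           filters_allocated(), freed);
    return freed == 7 ? 0 : 1;
}
```

The count of freed structures is deterministic even though the winning order is not, which is the property the exchange buys: every installer gets back precisely the pointer it displaced. The read side in the patch (get_seccomp_filter() under the mutex, put_seccomp_filter() after printing) is what makes deferred freeing safe in the kernel; this example deliberately leaves readers out so the writer-side pattern stands on its own.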