From: Kees Cook <keescook@chromium.org>
To: Matthew Wilcox <willy@infradead.org>
Cc: Gabriel Krisman Bertazi <krisman@collabora.com>,
tglx@linutronix.de, linux-kernel@vger.kernel.org,
kernel@collabora.com, luto@kernel.org, gofmanp@gmail.com,
linux-kselftest@vger.kernel.org, shuah@kernel.org
Subject: Re: [PATCH v4 1/2] kernel: Implement selective syscall userspace redirection
Date: Thu, 16 Jul 2020 14:26:30 -0700 [thread overview]
Message-ID: <202007161425.3D9B91DB6@keescook> (raw)
In-Reply-To: <20200716210601.GN12769@casper.infradead.org>
On Thu, Jul 16, 2020 at 10:06:01PM +0100, Matthew Wilcox wrote:
> On Thu, Jul 16, 2020 at 03:31:40PM -0400, Gabriel Krisman Bertazi wrote:
> > selector is an optional pointer to a char-sized userspace memory region
> > that has a key switch for the mechanism. This key switch is set to
> > either PR_SYS_DISPATCH_ON, PR_SYS_DISPATCH_OFF to enable and disable the
> > redirection without calling the kernel.
> >
> > The feature is meant to be set per-thread and it is disabled on
> > fork/clone/execv.
>
> Disabled on exec. Disabled in the child on clone/fork (and vfork, I
> think).
>
> That means we don't need to worry about it interacting badly with
> a setuid program, right?
Right, that's the intention.
--
Kees Cook
next prev parent reply other threads:[~2020-07-16 21:26 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-16 19:31 [PATCH v4 0/2] Syscall User Redirection Gabriel Krisman Bertazi
2020-07-16 19:31 ` [PATCH v4 1/2] kernel: Implement selective syscall userspace redirection Gabriel Krisman Bertazi
2020-07-16 21:06 ` Matthew Wilcox
2020-07-16 21:26 ` Kees Cook [this message]
2020-07-17 0:20 ` Andy Lutomirski
2020-07-17 2:15 ` Gabriel Krisman Bertazi
2020-07-17 4:48 ` Andy Lutomirski
2020-07-21 12:06 ` Mark Rutland
2020-07-20 9:23 ` Thomas Gleixner
2020-07-20 9:44 ` Will Deacon
2020-07-20 10:08 ` Thomas Gleixner
2020-07-20 13:46 ` Gabriel Krisman Bertazi
2020-07-16 19:31 ` [PATCH v4 2/2] selftests: Add kselftest for syscall user dispatch Gabriel Krisman Bertazi
2020-07-16 20:04 ` [PATCH v4 0/2] Syscall User Redirection Kees Cook
2020-07-16 20:22 ` Christian Brauner
2020-07-16 20:25 ` Kees Cook
2020-07-16 20:29 ` Christian Brauner
2020-07-16 20:30 ` Gabriel Krisman Bertazi
2020-07-16 21:06 ` Carlos O'Donell
2020-08-02 12:01 ` Pavel Machek
2020-08-04 14:26 ` Gabriel Krisman Bertazi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202007161425.3D9B91DB6@keescook \
--to=keescook@chromium.org \
--cc=gofmanp@gmail.com \
--cc=kernel@collabora.com \
--cc=krisman@collabora.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=luto@kernel.org \
--cc=shuah@kernel.org \
--cc=tglx@linutronix.de \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.