From: Kees Cook <keescook@chromium.org>
To: Jann Horn <jannh@google.com>
Cc: YiFei Zhu <yifeifz2@illinois.edu>,
Christian Brauner <christian.brauner@ubuntu.com>,
Tycho Andersen <tycho@tycho.pizza>,
Andy Lutomirski <luto@amacapital.net>,
Will Drewry <wad@chromium.org>,
Andrea Arcangeli <aarcange@redhat.com>,
Giuseppe Scrivano <gscrivan@redhat.com>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
Valentin Rothberg <vrothber@redhat.com>,
Hubertus Franke <frankeh@us.ibm.com>,
Jack Chen <jianyan2@illinois.edu>,
Josep Torrellas <torrella@illinois.edu>,
Tianyin Xu <tyxu@illinois.edu>, bpf <bpf@vger.kernel.org>,
Linux Containers <containers@lists.linux-foundation.org>,
Linux API <linux-api@vger.kernel.org>,
kernel list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 2/6] x86: Enable seccomp architecture tracking
Date: Thu, 24 Sep 2020 00:12:19 -0700 [thread overview]
Message-ID: <202009240011.A56710DC@keescook> (raw)
In-Reply-To: <CAG48ez1BXWdWA5zPzOD21bQ4RsHQ6bSDWR8soTkkNphJ=zdHWw@mail.gmail.com>
On Thu, Sep 24, 2020 at 02:45:45AM +0200, Jann Horn wrote:
> On Thu, Sep 24, 2020 at 1:29 AM Kees Cook <keescook@chromium.org> wrote:
> > Provide seccomp internals with the details to calculate which syscall
> > table the running kernel is expecting to deal with. This allows for
> > efficient architecture pinning and paves the way for constant-action
> > bitmaps.
> [...]
> > diff --git a/arch/x86/include/asm/seccomp.h b/arch/x86/include/asm/seccomp.h
> [...]
> > +#ifdef CONFIG_X86_64
> [...]
> > +#else /* !CONFIG_X86_64 */
> > +# define SECCOMP_ARCH AUDIT_ARCH_I386
> > +#endif
>
> If we are on a 32-bit kernel, performing architecture number checks in
> the kernel is completely pointless, because we know that there is only
> a single architecture identifier under which syscalls can happen.
>
> While this patch is useful for enabling the bitmap logic in the
> following patches, I think it adds unnecessary overhead in the context
> of the previous patch.
That's what the RFC was trying to do (avoid the logic if there is only a
single arch known to the kernel). I will rework this a bit harder. :)
--
Kees Cook
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: Jann Horn <jannh@google.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>,
Giuseppe Scrivano <gscrivan@redhat.com>,
Will Drewry <wad@chromium.org>, bpf <bpf@vger.kernel.org>,
YiFei Zhu <yifeifz2@illinois.edu>,
Linux API <linux-api@vger.kernel.org>,
Linux Containers <containers@lists.linux-foundation.org>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Hubertus Franke <frankeh@us.ibm.com>,
Andy Lutomirski <luto@amacapital.net>,
Valentin Rothberg <vrothber@redhat.com>,
Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
Jack Chen <jianyan2@illinois.edu>,
Josep Torrellas <torrella@illinois.edu>,
Tianyin Xu <tyxu@illinois.edu>,
kernel list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 2/6] x86: Enable seccomp architecture tracking
Date: Thu, 24 Sep 2020 00:12:19 -0700 [thread overview]
Message-ID: <202009240011.A56710DC@keescook> (raw)
In-Reply-To: <CAG48ez1BXWdWA5zPzOD21bQ4RsHQ6bSDWR8soTkkNphJ=zdHWw@mail.gmail.com>
On Thu, Sep 24, 2020 at 02:45:45AM +0200, Jann Horn wrote:
> On Thu, Sep 24, 2020 at 1:29 AM Kees Cook <keescook@chromium.org> wrote:
> > Provide seccomp internals with the details to calculate which syscall
> > table the running kernel is expecting to deal with. This allows for
> > efficient architecture pinning and paves the way for constant-action
> > bitmaps.
> [...]
> > diff --git a/arch/x86/include/asm/seccomp.h b/arch/x86/include/asm/seccomp.h
> [...]
> > +#ifdef CONFIG_X86_64
> [...]
> > +#else /* !CONFIG_X86_64 */
> > +# define SECCOMP_ARCH AUDIT_ARCH_I386
> > +#endif
>
> If we are on a 32-bit kernel, performing architecture number checks in
> the kernel is completely pointless, because we know that there is only
> a single architecture identifier under which syscalls can happen.
>
> While this patch is useful for enabling the bitmap logic in the
> following patches, I think it adds unnecessary overhead in the context
> of the previous patch.
That's what the RFC was trying to do (avoid the logic if there is only a
single arch known to the kernel). I will rework this a bit harder. :)
--
Kees Cook
_______________________________________________
Containers mailing list
Containers@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/containers
next prev parent reply other threads:[~2020-09-24 7:13 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-23 23:29 [PATCH v1 0/6] seccomp: Implement constant action bitmaps Kees Cook
2020-09-23 23:29 ` Kees Cook
2020-09-23 23:29 ` [PATCH 1/6] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE Kees Cook
2020-09-23 23:29 ` Kees Cook
2020-09-24 0:41 ` Jann Horn
2020-09-24 0:41 ` Jann Horn via Containers
2020-09-24 7:11 ` Kees Cook
2020-09-24 7:11 ` Kees Cook
2020-09-23 23:29 ` [PATCH 2/6] x86: Enable seccomp architecture tracking Kees Cook
2020-09-23 23:29 ` Kees Cook
2020-09-24 0:45 ` Jann Horn
2020-09-24 0:45 ` Jann Horn via Containers
2020-09-24 7:12 ` Kees Cook [this message]
2020-09-24 7:12 ` Kees Cook
2020-09-23 23:29 ` [PATCH 3/6] seccomp: Implement constant action bitmaps Kees Cook
2020-09-23 23:29 ` Kees Cook
2020-09-24 0:25 ` Jann Horn
2020-09-24 0:25 ` Jann Horn via Containers
2020-09-24 7:36 ` Kees Cook
2020-09-24 7:36 ` Kees Cook
2020-09-24 8:07 ` YiFei Zhu
2020-09-24 8:07 ` YiFei Zhu
2020-09-24 8:15 ` Kees Cook
2020-09-24 8:15 ` Kees Cook
2020-09-24 8:22 ` YiFei Zhu
2020-09-24 8:22 ` YiFei Zhu
2020-09-24 12:28 ` Jann Horn
2020-09-24 12:28 ` Jann Horn via Containers
2020-09-24 12:37 ` David Laight
2020-09-24 12:37 ` David Laight
2020-09-24 12:56 ` Jann Horn
2020-09-24 12:56 ` Jann Horn via Containers
[not found] ` <DM6PR11MB271492D0565E91475D949F5DEF390@DM6PR11MB2714.namprd11.prod.outlook.com>
2020-09-24 0:36 ` YiFei Zhu
2020-09-24 0:36 ` YiFei Zhu
2020-09-24 7:38 ` Kees Cook
2020-09-24 7:38 ` Kees Cook
2020-09-24 7:51 ` YiFei Zhu
2020-09-24 7:51 ` YiFei Zhu
2020-09-23 23:29 ` [PATCH 4/6] seccomp: Emulate basic filters for constant action results Kees Cook
2020-09-23 23:29 ` Kees Cook
2020-09-23 23:47 ` Jann Horn
2020-09-23 23:47 ` Jann Horn via Containers
2020-09-24 7:46 ` Kees Cook
2020-09-24 7:46 ` Kees Cook
2020-09-24 15:28 ` Paul Moore
2020-09-24 15:28 ` Paul Moore
2020-09-24 19:52 ` Kees Cook
2020-09-24 19:52 ` Kees Cook
2020-09-24 20:46 ` Paul Moore
2020-09-24 20:46 ` Paul Moore
2020-09-24 21:35 ` Kees Cook
2020-09-24 21:35 ` Kees Cook
2020-09-24 13:16 ` kernel test robot
2020-09-23 23:29 ` [PATCH 5/6] selftests/seccomp: Compare bitmap vs filter overhead Kees Cook
2020-09-23 23:29 ` Kees Cook
2020-09-23 23:29 ` [PATCH 6/6] [DEBUG] seccomp: Report bitmap coverage ranges Kees Cook
2020-09-23 23:29 ` Kees Cook
2020-09-24 13:40 ` [PATCH v1 0/6] seccomp: Implement constant action bitmaps Rasmus Villemoes
2020-09-24 13:40 ` Rasmus Villemoes
2020-09-24 13:58 ` YiFei Zhu
2020-09-24 13:58 ` YiFei Zhu
2020-09-25 5:56 ` Rasmus Villemoes
2020-09-25 5:56 ` Rasmus Villemoes
2020-09-25 7:07 ` YiFei Zhu
2020-09-25 7:07 ` YiFei Zhu
2020-09-26 18:11 ` YiFei Zhu
2020-09-26 18:11 ` YiFei Zhu
2020-09-28 20:04 ` Kees Cook
2020-09-28 20:04 ` Kees Cook
2020-09-28 20:16 ` YiFei Zhu
2020-09-28 20:16 ` YiFei Zhu
2020-09-24 14:05 ` Jann Horn
2020-09-24 14:05 ` Jann Horn via Containers
2020-09-24 18:57 ` Andrea Arcangeli
2020-09-24 18:57 ` Andrea Arcangeli
2020-09-24 19:18 ` Jann Horn
2020-09-24 19:18 ` Jann Horn via Containers
[not found] ` <9dbe8e3bbdad43a1872202ff38c34ca2@DM5PR11MB1692.namprd11.prod.outlook.com>
2020-09-24 19:48 ` Tianyin Xu
2020-09-24 19:48 ` Tianyin Xu
2020-09-24 20:00 ` Kees Cook
2020-09-24 20:00 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202009240011.A56710DC@keescook \
--to=keescook@chromium.org \
--cc=aarcange@redhat.com \
--cc=bpf@vger.kernel.org \
--cc=christian.brauner@ubuntu.com \
--cc=containers@lists.linux-foundation.org \
--cc=dskarlat@cs.cmu.edu \
--cc=frankeh@us.ibm.com \
--cc=gscrivan@redhat.com \
--cc=jannh@google.com \
--cc=jianyan2@illinois.edu \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=tobin@ibm.com \
--cc=torrella@illinois.edu \
--cc=tycho@tycho.pizza \
--cc=tyxu@illinois.edu \
--cc=vrothber@redhat.com \
--cc=wad@chromium.org \
--cc=yifeifz2@illinois.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.