From mboxrd@z Thu Jan 1 00:00:00 1970 From: James Morris Subject: Re: [PATCH v10 0/11] seccomp: add thread sync ability Date: Tue, 15 Jul 2014 11:53:10 +1000 Message-ID: <53C48986.5010109@oracle.com> References: <1405017631-27346-1-git-send-email-keescook@chromium.org> <20140711164931.GA18473@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: Sender: linux-mips-bounce@linux-mips.org Errors-to: linux-mips-bounce@linux-mips.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-subscribe: List-owner: List-post: List-archive: To: Kees Cook Cc: Oleg Nesterov , LKML , Andy Lutomirski , Alexei Starovoitov , "Michael Kerrisk (man-pages)" , Andrew Morton , Daniel Borkmann , Will Drewry , Julien Tinnes , David Drysdale , Linux API , "x86@kernel.org" , "linux-arm-kernel@lists.infradead.org" , linux-mips@linux-mips.org, linux-arch , linux-security-module List-Id: linux-api@vger.kernel.org On 07/15/2014 04:59 AM, Kees Cook wrote: > Hi James, > > Is this series something you would carry in the security-next tree? > That has traditionally been where seccomp features have landed in the > past. > > -Kees > > > On Fri, Jul 11, 2014 at 10:55 AM, Kees Cook wrote: >> On Fri, Jul 11, 2014 at 9:49 AM, Oleg Nesterov wrote: >>> On 07/10, Kees Cook wrote: >>>> >>>> This adds the ability for threads to request seccomp filter >>>> synchronization across their thread group (at filter attach time). >>>> For example, for Chrome to make sure graphic driver threads are fully >>>> confined after seccomp filters have been attached. >>>> >>>> To support this, locking on seccomp changes via thread-group-shared >>>> sighand lock is introduced, along with refactoring of no_new_privs. Races >>>> with thread creation are handled via delayed duplication of the seccomp >>>> task struct field and cred_guard_mutex. >>>> >>>> This includes a new syscall (instead of adding a new prctl option), >>>> as suggested by Andy Lutomirski and Michael Kerrisk. >>> >>> I do not not see any problems in this version, >> >> Awesome! Thank you for all the reviews. :) If Andy and Michael are >> happy with this too, I think this is in good shape. \o/ >> >> -Kees >> >>> >>> Reviewed-by: Oleg Nesterov >>> >> >> >> >> -- >> Kees Cook >> Chrome OS Security > > > Yep, certainly. From mboxrd@z Thu Jan 1 00:00:00 1970 From: james.l.morris@oracle.com (James Morris) Date: Tue, 15 Jul 2014 11:53:10 +1000 Subject: [PATCH v10 0/11] seccomp: add thread sync ability In-Reply-To: References: <1405017631-27346-1-git-send-email-keescook@chromium.org> <20140711164931.GA18473@redhat.com> Message-ID: <53C48986.5010109@oracle.com> To: linux-arm-kernel@lists.infradead.org List-Id: linux-arm-kernel.lists.infradead.org On 07/15/2014 04:59 AM, Kees Cook wrote: > Hi James, > > Is this series something you would carry in the security-next tree? > That has traditionally been where seccomp features have landed in the > past. > > -Kees > > > On Fri, Jul 11, 2014 at 10:55 AM, Kees Cook wrote: >> On Fri, Jul 11, 2014 at 9:49 AM, Oleg Nesterov wrote: >>> On 07/10, Kees Cook wrote: >>>> >>>> This adds the ability for threads to request seccomp filter >>>> synchronization across their thread group (at filter attach time). >>>> For example, for Chrome to make sure graphic driver threads are fully >>>> confined after seccomp filters have been attached. >>>> >>>> To support this, locking on seccomp changes via thread-group-shared >>>> sighand lock is introduced, along with refactoring of no_new_privs. Races >>>> with thread creation are handled via delayed duplication of the seccomp >>>> task struct field and cred_guard_mutex. >>>> >>>> This includes a new syscall (instead of adding a new prctl option), >>>> as suggested by Andy Lutomirski and Michael Kerrisk. >>> >>> I do not not see any problems in this version, >> >> Awesome! Thank you for all the reviews. :) If Andy and Michael are >> happy with this too, I think this is in good shape. \o/ >> >> -Kees >> >>> >>> Reviewed-by: Oleg Nesterov >>> >> >> >> >> -- >> Kees Cook >> Chrome OS Security > > > Yep, certainly.