From: Shuah Khan <shuahkh@osg.samsung.com>
To: "Kees Cook" <keescook@chromium.org>, "Mickaël Salaün" <mic@digikod.net>
Cc: linux-security-module <linux-security-module@vger.kernel.org>,
Andreas Gruenbacher <agruenba@redhat.com>,
Andy Lutomirski <luto@amacapital.net>,
Andy Lutomirski <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
Casey Schaufler <casey@schaufler-ca.com>,
Daniel Borkmann <daniel@iogearbox.net>,
David Drysdale <drysdale@google.com>,
Eric Paris <eparis@redhat.com>,
James Morris <james.l.morris@oracle.com>,
Jeff Dike <jdike@addtoit.com>, Julien Tinnes <jln@google.com>,
Michael Kerrisk <mtk@man7.org>, Paul Moore <pmoore@redhat.com>,
Richard Weinberger <richard@nod.at>,
"Serge E . Hallyn" <serge@hallyn.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
Will Drewry <wad@chromium.org>,
Linux API <linux-api@vger.kernel.org>,
"kernel-hardening@lists.openwall.com"
<kernel-hardening@lists.openwall.com>,
Shuah Khan <shuahkh@osg.samsung.com>
Subject: [kernel-hardening] Re: [RFC v1 04/17] selftest/seccomp: Fix the seccomp(2) signature
Date: Tue, 29 Mar 2016 09:38:52 -0600 [thread overview]
Message-ID: <56FAA18C.4040406@osg.samsung.com> (raw)
In-Reply-To: <CAGXu5jK-phbh+fADwAyK__ac_Zxezeo1mpbDPtfQNqK8=7X0wQ@mail.gmail.com>
On 03/23/2016 10:36 PM, Kees Cook wrote:
> On Wed, Mar 23, 2016 at 6:46 PM, Mickaël Salaün <mic@digikod.net> wrote:
>> Signed-off-by: Mickaël Salaün <mic@digikod.net>
>> Cc: Kees Cook <keescook@chromium.org>
>> Cc: Andy Lutomirski <luto@amacapital.net>
>> Cc: Will Drewry <wad@chromium.org>
>
> Another good catch. Shuah, can you take this one too?
>
> Acked-by: Kees Cook <keescook@chromium.org>
>
> -Kees
Hi Michael,
Could you please send me the patch. I can't find it in my Inbox. I can get
this into rc-2 with Kees Cook's ack.
thanks,
-- Shuah
>
>> ---
>> tools/testing/selftests/seccomp/seccomp_bpf.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
>> index 9c1460f277c2..150829dd7998 100644
>> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
>> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
>> @@ -1502,10 +1502,10 @@ TEST_F(TRACE_syscall, syscall_dropped)
>> #endif
>>
>> #ifndef seccomp
>> -int seccomp(unsigned int op, unsigned int flags, struct sock_fprog *filter)
>> +int seccomp(unsigned int op, unsigned int flags, void *args)
>> {
>> errno = 0;
>> - return syscall(__NR_seccomp, op, flags, filter);
>> + return syscall(__NR_seccomp, op, flags, args);
>> }
>> #endif
>>
>> --
>> 2.8.0.rc3
>>
>
>
>
WARNING: multiple messages have this Message-ID (diff)
From: Shuah Khan <shuahkh@osg.samsung.com>
To: "Kees Cook" <keescook@chromium.org>, "Mickaël Salaün" <mic@digikod.net>
Cc: linux-security-module <linux-security-module@vger.kernel.org>,
Andreas Gruenbacher <agruenba@redhat.com>,
Andy Lutomirski <luto@amacapital.net>,
Andy Lutomirski <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
Casey Schaufler <casey@schaufler-ca.com>,
Daniel Borkmann <daniel@iogearbox.net>,
David Drysdale <drysdale@google.com>,
Eric Paris <eparis@redhat.com>,
James Morris <james.l.morris@oracle.com>,
Jeff Dike <jdike@addtoit.com>, Julien Tinnes <jln@google.com>,
Michael Kerrisk <mtk@man7.org>, Paul Moore <pmoore@redhat.com>,
Richard Weinberger <richard@nod.at>,
"Serge E . Hallyn" <serge@hallyn.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
Will Drewry <wad@chromium.org>,
Linux API <linux-api@vger.kernel.org>,
"kernel-hardening@lists.openwall.com"
<kernel-hardening@lists.openwall.com>,
Shuah Khan <shuahkh@osg.samsung>
Subject: Re: [RFC v1 04/17] selftest/seccomp: Fix the seccomp(2) signature
Date: Tue, 29 Mar 2016 09:38:52 -0600 [thread overview]
Message-ID: <56FAA18C.4040406@osg.samsung.com> (raw)
In-Reply-To: <CAGXu5jK-phbh+fADwAyK__ac_Zxezeo1mpbDPtfQNqK8=7X0wQ@mail.gmail.com>
On 03/23/2016 10:36 PM, Kees Cook wrote:
> On Wed, Mar 23, 2016 at 6:46 PM, Mickaël Salaün <mic@digikod.net> wrote:
>> Signed-off-by: Mickaël Salaün <mic@digikod.net>
>> Cc: Kees Cook <keescook@chromium.org>
>> Cc: Andy Lutomirski <luto@amacapital.net>
>> Cc: Will Drewry <wad@chromium.org>
>
> Another good catch. Shuah, can you take this one too?
>
> Acked-by: Kees Cook <keescook@chromium.org>
>
> -Kees
Hi Michael,
Could you please send me the patch. I can't find it in my Inbox. I can get
this into rc-2 with Kees Cook's ack.
thanks,
-- Shuah
>
>> ---
>> tools/testing/selftests/seccomp/seccomp_bpf.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
>> index 9c1460f277c2..150829dd7998 100644
>> --- a/tools/testing/selftests/seccomp/seccomp_bpf.c
>> +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
>> @@ -1502,10 +1502,10 @@ TEST_F(TRACE_syscall, syscall_dropped)
>> #endif
>>
>> #ifndef seccomp
>> -int seccomp(unsigned int op, unsigned int flags, struct sock_fprog *filter)
>> +int seccomp(unsigned int op, unsigned int flags, void *args)
>> {
>> errno = 0;
>> - return syscall(__NR_seccomp, op, flags, filter);
>> + return syscall(__NR_seccomp, op, flags, args);
>> }
>> #endif
>>
>> --
>> 2.8.0.rc3
>>
>
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2016-03-29 15:38 UTC|newest]
Thread overview: 78+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-24 1:46 [kernel-hardening] [RFC v1 00/17] seccomp-object: From attack surface reduction to sandboxing Mickaël Salaün
2016-03-24 1:46 ` Mickaël Salaün
2016-03-24 1:46 ` [kernel-hardening] [RFC v1 01/17] um: Export the sys_call_table Mickaël Salaün
2016-03-24 1:46 ` Mickaël Salaün
2016-03-24 1:46 ` [kernel-hardening] [RFC v1 02/17] seccomp: Fix typo Mickaël Salaün
2016-03-24 1:46 ` Mickaël Salaün
2016-03-24 1:46 ` [kernel-hardening] [RFC v1 03/17] selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC Mickaël Salaün
2016-03-24 1:46 ` Mickaël Salaün
2016-03-24 4:35 ` [kernel-hardening] " Kees Cook
2016-03-24 4:35 ` Kees Cook
2016-03-29 15:35 ` [kernel-hardening] " Shuah Khan
2016-03-29 15:35 ` Shuah Khan
2016-03-29 18:46 ` [kernel-hardening] [PATCH 1/2] " Mickaël Salaün
2016-03-29 18:46 ` Mickaël Salaün
2016-03-29 19:06 ` [kernel-hardening] " Shuah Khan
2016-03-29 19:06 ` Shuah Khan
2016-03-24 1:46 ` [kernel-hardening] [RFC v1 04/17] selftest/seccomp: Fix the seccomp(2) signature Mickaël Salaün
2016-03-24 1:46 ` Mickaël Salaün
2016-03-24 4:36 ` [kernel-hardening] " Kees Cook
2016-03-24 4:36 ` Kees Cook
2016-03-29 15:38 ` Shuah Khan [this message]
2016-03-29 15:38 ` Shuah Khan
2016-03-29 18:51 ` [kernel-hardening] [PATCH 2/2] " Mickaël Salaün
2016-03-29 18:51 ` Mickaël Salaün
2016-03-29 19:07 ` [kernel-hardening] " Shuah Khan
2016-03-29 19:07 ` Shuah Khan
2016-03-24 1:46 ` [kernel-hardening] [RFC v1 05/17] security/seccomp: Add LSM and create arrays of syscall metadata Mickaël Salaün
2016-03-24 1:46 ` Mickaël Salaün
2016-03-24 15:47 ` [kernel-hardening] " Casey Schaufler
2016-03-24 15:47 ` Casey Schaufler
2016-03-24 16:01 ` [kernel-hardening] " Casey Schaufler
2016-03-24 16:01 ` Casey Schaufler
2016-03-24 21:31 ` [kernel-hardening] " Mickaël Salaün
2016-03-24 21:31 ` Mickaël Salaün
2016-03-24 1:46 ` [kernel-hardening] [RFC v1 06/17] seccomp: Add the SECCOMP_ADD_CHECKER_GROUP command Mickaël Salaün
2016-03-24 1:46 ` Mickaël Salaün
2016-03-24 1:46 ` [kernel-hardening] [RFC v1 07/17] seccomp: Add seccomp object checker evaluation Mickaël Salaün
2016-03-24 1:46 ` Mickaël Salaün
2016-03-24 1:46 ` [kernel-hardening] [RFC v1 08/17] selftest/seccomp: Remove unknown_ret_is_kill_above_allow test Mickaël Salaün
2016-03-24 1:46 ` Mickaël Salaün
2016-03-24 2:53 ` [kernel-hardening] [RFC v1 09/17] selftest/seccomp: Extend seccomp_data until matches[6] Mickaël Salaün
2016-03-24 2:53 ` Mickaël Salaün
2016-03-24 2:53 ` [kernel-hardening] [RFC v1 10/17] selftest/seccomp: Add field_is_valid_syscall test Mickaël Salaün
2016-03-24 2:53 ` Mickaël Salaün
2016-03-24 2:53 ` [kernel-hardening] [RFC v1 11/17] selftest/seccomp: Add argeval_open_whitelist test Mickaël Salaün
2016-03-24 2:53 ` Mickaël Salaün
2016-03-24 2:53 ` [kernel-hardening] [RFC v1 12/17] audit,seccomp: Extend audit with seccomp state Mickaël Salaün
2016-03-24 2:53 ` Mickaël Salaün
2016-03-24 2:53 ` [kernel-hardening] [RFC v1 13/17] selftest/seccomp: Rename TRACE_poke to TRACE_poke_sys_read Mickaël Salaün
2016-03-24 2:53 ` Mickaël Salaün
2016-03-24 2:53 ` [kernel-hardening] [RFC v1 14/17] selftest/seccomp: Make tracer_poke() more generic Mickaël Salaün
2016-03-24 2:53 ` Mickaël Salaün
2016-03-24 2:54 ` [kernel-hardening] [RFC v1 15/17] selftest/seccomp: Add argeval_toctou_argument test Mickaël Salaün
2016-03-24 2:54 ` Mickaël Salaün
2016-03-24 2:54 ` [kernel-hardening] [RFC v1 16/17] security/seccomp: Protect against filesystem TOCTOU Mickaël Salaün
2016-03-24 2:54 ` Mickaël Salaün
2016-03-24 2:54 ` [kernel-hardening] [RFC v1 17/17] selftest/seccomp: Add argeval_toctou_filesystem test Mickaël Salaün
2016-03-24 2:54 ` Mickaël Salaün
2016-03-24 16:24 ` [kernel-hardening] Re: [RFC v1 00/17] seccomp-object: From attack surface reduction to sandboxing Kees Cook
2016-03-24 16:24 ` Kees Cook
2016-03-27 5:03 ` [kernel-hardening] " Loganaden Velvindron
2016-03-27 5:03 ` Loganaden Velvindron
2016-04-20 18:21 ` Mickaël Salaün
2016-04-20 18:21 ` Mickaël Salaün
2016-04-26 22:46 ` [kernel-hardening] " Kees Cook
2016-04-26 22:46 ` Kees Cook
2016-04-28 2:36 ` [kernel-hardening] " Kees Cook
2016-04-28 2:36 ` Kees Cook
2016-04-28 23:45 ` [kernel-hardening] " Mickaël Salaün
2016-04-28 23:45 ` Mickaël Salaün
2016-05-21 12:58 ` [kernel-hardening] " Mickaël Salaün
2016-05-21 12:58 ` Mickaël Salaün
2016-05-02 22:19 ` [kernel-hardening] " James Morris
2016-05-02 22:19 ` James Morris
2016-05-21 15:19 ` [kernel-hardening] " Daniel Borkmann
2016-05-21 15:19 ` Daniel Borkmann
2016-05-22 21:30 ` [kernel-hardening] " Mickaël Salaün
2016-05-22 21:30 ` Mickaël Salaün
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56FAA18C.4040406@osg.samsung.com \
--to=shuahkh@osg.samsung.com \
--cc=agruenba@redhat.com \
--cc=arnd@arndb.de \
--cc=casey@schaufler-ca.com \
--cc=daniel@iogearbox.net \
--cc=drysdale@google.com \
--cc=eparis@redhat.com \
--cc=james.l.morris@oracle.com \
--cc=jdike@addtoit.com \
--cc=jln@google.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=luto@kernel.org \
--cc=mic@digikod.net \
--cc=mtk@man7.org \
--cc=penguin-kernel@i-love.sakura.ne.jp \
--cc=pmoore@redhat.com \
--cc=richard@nod.at \
--cc=sds@tycho.nsa.gov \
--cc=serge@hallyn.com \
--cc=wad@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.