From: "H. Peter Anvin" <hpa@zytor.com>
To: Kees Cook <keescook@chromium.org>
Cc: Will Drewry <wad@chromium.org>, Andrew Lutomirski <luto@mit.edu>,
Indan Zupancic <indan@nul.nu>,
linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org,
linux-doc@vger.kernel.org, kernel-hardening@lists.openwall.com,
netdev@vger.kernel.org, x86@kernel.org, arnd@arndb.de,
davem@davemloft.net, mingo@redhat.com, oleg@redhat.com,
peterz@infradead.org, rdunlap@xenotime.net,
mcgrathr@chromium.org, tglx@linutronix.de, eparis@redhat.com,
serge.hallyn@canonical.com, djm@mindrot.org,
scarybeasts@gmail.com, pmoore@redhat.com,
akpm@linux-foundation.org, corbet@lwn.net,
eric.dumazet@gmail.com, markus@chromium.org
Subject: Re: [PATCH v10 07/11] signal, x86: add SIGSYS info and make it synchronous.
Date: Wed, 22 Feb 2012 16:29:46 -0800
Message-ID: <4F45887A.5010809@zytor.com>
In-Reply-To: <CAGXu5j+fQqkrrKSm3kmCkCcZJKo-VZjL6kkrOD81LZYBY7tf2g@mail.gmail.com>
On 02/22/2012 04:08 PM, Kees Cook wrote:
>>
>> Hrm, it might be possible to do_exit(SIGSYS) which would be both. It
>> looks like tsk->exit_code would be SIGSYS then, but I'll look a little
>> more closely to see what that'll actually do.
>
> As long as there's no way it can get blocked, I'd be fine with that.
> It would, actually, be better than SIGKILL because, as Andy said, it's
> more distinguishable from other situations. I've long wanted a signal
> to be used for "violated policy" that wasn't just a straight SIGKILL.
>
Can we really introduce force-kill semantics for a POSIX-defined signal?
Other user space programs might use it for other purposes.
I'm wondering if the right thing may be to introduce some variant of
exit() which can return more information about a signal, including some
kind of cause code for SIGKILL?
-hpa
--
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel. I don't speak on their behalf.
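
The trade-off discussed above, as an added example that is not part of the thread or the patch series: a supervising parent can tell SIGSYS from SIGKILL in the wait status, but a SIGSYS sent through ordinary signal delivery can be blocked or ignored by the target, while SIGKILL cannot. The function name `child_term_signal` and the `shield` enum are hypothetical names chosen for this demo, and `raise()` stands in for the kernel-side delivery under discussion.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

enum shield { NONE, BLOCK, IGNORE };    /* hypothetical names for this demo */

/* Fork a child that shields itself as requested and then raises `sig`.
 * Returns the terminating signal as seen by the parent, 0 if the child
 * survived and exited normally, or -1 on error. */
int child_term_signal(int sig, enum shield how)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        struct rlimit no_core = { 0, 0 };
        sigset_t set;

        setrlimit(RLIMIT_CORE, &no_core);       /* SIGSYS dumps core by default */
        sigemptyset(&set);
        sigaddset(&set, sig);
        if (how == BLOCK)
            sigprocmask(SIG_BLOCK, &set, NULL); /* silently skips SIGKILL */
        else if (how == IGNORE)
            signal(sig, SIG_IGN);               /* fails with EINVAL for SIGKILL */
        raise(sig);
        _exit(0);                               /* reached only if shielded */
    }
    int status;
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void)
{
    printf("SIGSYS default: %d\n", child_term_signal(SIGSYS, NONE));
    printf("SIGSYS blocked: %d\n", child_term_signal(SIGSYS, BLOCK));
    printf("SIGSYS ignored: %d\n", child_term_signal(SIGSYS, IGNORE));
    printf("SIGKILL blocked: %d\n", child_term_signal(SIGKILL, BLOCK));
    printf("SIGKILL ignored: %d\n", child_term_signal(SIGKILL, IGNORE));
    return 0;
}
```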