From: keescook@chromium.org (Kees Cook)
To: linux-security-module@vger.kernel.org
Subject: [PATCH v3 0/4] seccomp: Add SECCOMP_FILTER_FLAG_KILL_PROCESS
Date: Wed, 9 Aug 2017 12:01:53 -0700 [thread overview]
Message-ID: <1502305317-85052-1-git-send-email-keescook@chromium.org> (raw)
This series is the result of Fabricio and I going around a few times
on possible solutions for finding a way to enhance RET_KILL to kill
the process group. There's a lot of ways this could be done, but I
wanted something that felt cleanest. As it happens, Tyler's recent
patch series for logging improvement also needs to know a litte bit
more during filter runs, and the solution for both is to pass back
the matched filter. This lets us examine it here for RET_KILL and
in the future for logging changes.
The filter passing is patch 1, the new flag for RET_KILL is patch 2.
Some test refactoring is in patch 3 for the RET_DATA ordering, and
patch 4 is the test for the new RET_KILL flag.
One thing missing is that CRIU will likely need to be updated, since
saving/restoring seccomp filter _rules_ will not include the filter
_flags_ for a process. This can be addressed separately.
Please take a look!
Thanks,
-Kees
v3:
- adjust seccomp_run_filters() to avoid later filters from masking
kill-process RET_KILL actions (drewry)
- add test for masked RET_KILL.
v2:
- moved kill_process bool into struct padding gap (tyhicks)
- improved comments/docs in various places for clarify (tyhicks)
- use ASSERT_TRUE() for WIFEXITED and WIFSIGNALLED (tyhicks)
- adding Reviewed-bys from tyhicks
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next reply other threads:[~2017-08-09 19:01 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-09 19:01 Kees Cook [this message]
2017-08-09 19:01 ` [PATCH v3 1/4] seccomp: Provide matching filter for introspection Kees Cook
2017-08-09 19:01 ` [PATCH v3 2/4] seccomp: Add SECCOMP_FILTER_FLAG_KILL_PROCESS Kees Cook
[not found] ` <b1177c7d-7180-a5ad-881e-89ecbf5c80e2@canonical.com>
2017-08-11 18:32 ` Kees Cook
2017-08-09 19:01 ` [PATCH v3 3/4] selftests/seccomp: Refactor RET_ERRNO tests Kees Cook
2017-08-09 19:01 ` [PATCH v3 4/4] selftests/seccomp: Test thread vs process killing Kees Cook
2017-08-09 20:22 ` [PATCH v3 0/4] seccomp: Add SECCOMP_FILTER_FLAG_KILL_PROCESS Tycho Andersen
[not found] ` <a0bddc6f-686e-2a5a-4833-acf04a10722f@canonical.com>
2017-08-09 20:40 ` Kees Cook
2017-08-09 20:41 ` Tycho Andersen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1502305317-85052-1-git-send-email-keescook@chromium.org \
--to=keescook@chromium.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).