From: Benjamin Berg <benjamin@sipsolutions.net>
To: Tiwei Bie <tiwei.btw@antgroup.com>, linux-um@lists.infradead.org
Subject: Re: [PATCH 00/12] Rework stub syscall and page table handling
Date: Mon, 22 Apr 2024 09:41:54 +0200
Message-ID: <4aeca286d181797b7fb02a7fea6bc62a8f616589.camel@sipsolutions.net>
In-Reply-To: <e213cf20-bf70-4e53-a5f2-5ec88cfa6ff5@antgroup.com>
Hi Tiwei,
On Mon, 2024-04-22 at 10:35 +0800, Tiwei Bie wrote:
> On 4/18/24 5:23 PM, benjamin@sipsolutions.net wrote:
> > From: Benjamin Berg <benjamin.berg@intel.com>
> >
> > This patchset reworks the stub syscall handling and also redos how page
> > table updates are tracked and synchronized. Some of this originated in
> > the SECCOMP patchset, but it became clear that these refactorings make
> > sense independently as they result in considerably fewer page faults.
>
> I saw your SECCOMP patchset. It's pretty cool! Just wondering if you're about
> to post a new version soon. :)
I am planning to work on it again, but it is not very high on my
priority list. So, could be quite soon or some months :-)
In the ARM support thread ("UML for arm64"), there were some ideas to
use FD passing in order to protect memory mappings better. Doing that
should allow the SECCOMP approach to scale to SMP and will also
simplify the security model.
Making those changes will take a bit of thought and experimentation.
Nothing really big though, it pretty much boils down to using sockets
for (some of) the synchronization and replacing mprotect with mmap so
the FD can authorize the operation.
> PS. Just FYI, gVisor also implemented a SECCOMP based platform which is
> also very interesting:
>
> https://gvisor.dev/blog/2023/04/28/systrap-release/
> https://github.com/google/gvisor/tree/master/pkg/sentry/platform/systrap
It is a good choice if you want to catch syscalls and do some custom
handling in userspace. Just annoying that it is still stuck on classic
BPF :-)
Benjamin
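The "FD can authorize the operation" remark above rests on a kernel rule worth seeing directly: a mapping's maximum permissions are bounded by the open mode of the descriptor it was created from, so neither mmap() nor a later mprotect() can grant more than the descriptor allows. The following is an added C example, not code from this thread or from UML; it stands in an ordinary temporary file for the guest memory object and assumes a Linux host.

```c
/* Added example, not from the thread: a descriptor's open mode bounds what
 * mmap() and mprotect() may grant on shared mappings of it ("the FD
 * authorizes the operation"). Uses a temp file in place of guest memory. */
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

#define REGION_SIZE 4096

/* Map fd MAP_SHARED with prot, then (if escalate_to != 0) try mprotect().
 * Returns 0 if every step succeeded, else the errno of the step that failed. */
static int map_shared(int fd, int prot, int escalate_to)
{
    void *p = mmap(NULL, REGION_SIZE, prot, MAP_SHARED, fd, 0);
    if (p == MAP_FAILED)
        return errno;
    int rc = 0;
    if (escalate_to && mprotect(p, REGION_SIZE, escalate_to) != 0)
        rc = errno;
    munmap(p, REGION_SIZE);
    return rc;
}

/* Returns 1 when the read-write descriptor permits RW mappings and mprotect()
 * escalation while a read-only descriptor to the same file refuses both with
 * EACCES; 0 if the kernel behaved differently; -1 on setup failure. */
int fd_mode_bounds_mapping(void)
{
    char path[] = "/tmp/uml-fd-demo-XXXXXX";   /* constructed scratch file */
    int rw = mkstemp(path);
    if (rw < 0 || ftruncate(rw, REGION_SIZE) != 0)
        return -1;
    /* Second descriptor to the same object, but opened read-only. */
    int ro = open(path, O_RDONLY);
    unlink(path);
    if (ro < 0)
        return -1;
    int ok = map_shared(rw, PROT_READ | PROT_WRITE, 0) == 0
          && map_shared(rw, PROT_READ, PROT_READ | PROT_WRITE) == 0
          && map_shared(ro, PROT_READ | PROT_WRITE, 0) == EACCES
          && map_shared(ro, PROT_READ, PROT_READ | PROT_WRITE) == EACCES;
    close(ro);
    close(rw);
    return ok;
}
```

The last two checks are the ones that matter for the stub: a process holding only the read-only descriptor cannot turn a shared read-only mapping writable with mprotect(), which an anonymous mapping would allow.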