From: "H. Peter Anvin" <hpa@zytor.com>
To: Richard Guy Briggs <rgb@redhat.com>,
linux-audit@redhat.com, linux-kernel@vger.kernel.org
Cc: Paul Moore <pmoore@redhat.com>, Eric Paris <eparis@redhat.com>,
Al Viro <aviro@redhat.com>, Will Drewry <wad@chromium.org>
Subject: Re: [PATCH 2/3] [RFC] seccomp: give BPF x32 bit when restoring x32 filter
Date: Thu, 10 Jul 2014 21:06:02 -0700 [thread overview]
Message-ID: <53BF62AA.20105@zytor.com> (raw)
In-Reply-To: <6a69eb94b4cfac5f94b229c2eb2ebc402aac722a.1405023592.git.rgb@redhat.com>
On 07/10/2014 08:38 PM, Richard Guy Briggs wrote:
> Commit
> fca460f hpa@zytor.com 2012-02-19 07:56:26 -0800
> x32: Handle the x32 system call flag
>
> provided a method to multiplex architecture with the syscall number for X32
> calls.
>
> Commit
> 8b4b9f2 pmoore@redhat.com 2013-02-15 12:21:43 -0500
> x86: remove the x32 syscall bitmask from syscall_get_nr()
>
> broke audit and potentially other users of syscall_get_nr() which depend on
> that call as named.
>
> Commit
> audit: add AUDIT_ARCH_X86_X32 arch definition
>
> is required to provide the new ARCH definition AUDIT_ARCH_X86_X32 for
> syscall_get_arch().
>
> This patch along with reverting 8b4b9f2 should satisfy other regular users of
> syscall_get_nr() without changing the seccomp interface to BPF.
>
Incidentally: do seccomp users know that on an x86-64 system you can
recevie system calls from any of the x86 architectures, regardless of
how the program is invoked? (This is unusual, so normally denying those
"alien" calls is the right thing to do.)
-hpa
next prev parent reply other threads:[~2014-07-11 4:06 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-11 3:38 [PATCH 0/3] [RFC] X32: fix syscall_get_nr while not breaking seccomp BPF Richard Guy Briggs
2014-07-11 3:38 ` [PATCH 1/3] [RFC] audit: add AUDIT_ARCH_X86_X32 arch definition Richard Guy Briggs
2014-07-11 16:15 ` Paul Moore
2014-07-11 3:38 ` [PATCH 2/3] [RFC] seccomp: give BPF x32 bit when restoring x32 filter Richard Guy Briggs
2014-07-11 4:06 ` H. Peter Anvin [this message]
2014-07-11 16:11 ` Paul Moore
2014-07-11 16:13 ` H. Peter Anvin
2014-07-11 16:16 ` Eric Paris
2014-07-11 16:21 ` Paul Moore
2014-07-11 16:23 ` Eric Paris
2014-07-11 16:30 ` H. Peter Anvin
2014-07-11 16:32 ` Paul Moore
2014-07-11 18:31 ` Eric Paris
2014-07-11 19:36 ` Paul Moore
2014-07-11 22:48 ` Kees Cook
2014-07-11 22:52 ` Kees Cook
2014-07-11 22:55 ` H. Peter Anvin
2014-07-11 23:02 ` Kees Cook
2014-07-11 23:12 ` Andy Lutomirski
2014-07-11 16:36 ` Paul Moore
2014-07-11 16:44 ` H. Peter Anvin
2014-07-11 3:38 ` [PATCH 3/3] [RFC] Revert "x86: remove the x32 syscall bitmask from syscall_get_nr()" Richard Guy Briggs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53BF62AA.20105@zytor.com \
--to=hpa@zytor.com \
--cc=aviro@redhat.com \
--cc=eparis@redhat.com \
--cc=linux-audit@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pmoore@redhat.com \
--cc=rgb@redhat.com \
--cc=wad@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox