From: "Indan Zupancic" <indan@nul.nu>
To: "Andrew Morton" <akpm@linux-foundation.org>
Cc: "Kees Cook" <keescook@chromium.org>,
"Stephen Rothwell" <sfr@canb.auug.org.au>,
"Will Drewry" <wad@chromium.org>,
linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org,
linux-doc@vger.kernel.org, kernel-hardening@lists.openwall.com,
netdev@vger.kernel.org, x86@kernel.org, arnd@arndb.de,
davem@davemloft.net, hpa@zytor.com, mingo@redhat.com,
oleg@redhat.com, peterz@infradead.org, rdunlap@xenotime.net,
mcgrathr@chromium.org, tglx@linutronix.de, luto@mit.edu,
eparis@redhat.com, serge.hallyn@canonical.com, djm@mindrot.org,
scarybeasts@gmail.com, pmoore@redhat.com, corbet@lwn.net,
eric.dumazet@gmail.com, markus@chromium.org,
coreyb@linux.vnet.ibm.com
Subject: Re: [PATCH v12 01/13] sk_run_filter: add support for custom load_pointer
Date: Fri, 2 Mar 2012 05:04:41 +0100 [thread overview]
Message-ID: <eba2ab81bc32f208b8b94fd959fd7f2f.squirrel@webmail.greenhost.nl> (raw)
In-Reply-To: <20120301171914.7c64f095.akpm@linux-foundation.org>
On Fri, March 2, 2012 02:19, Andrew Morton wrote:
> That assumes that we're going to merge this stuff into 3.4 - if we
> don't, unwrecker gets rewrecked and grumpy.
>
> I don't know if we're going to merge it into 3.4? I haven't been
> paying a lot of attention and haven't looked at the patches in a while.
I think it should be merged, but I think 3.5 is probably better.
This because we haven't heard anything from the networking people
about the BPF changes, and I'm also unsure if the current approach
is the best one: It both increases the filter.o size significantly
while slowing down sk_run_filter, while the point was to avoid both.
I'm trying to think of an alternative approach with lower impact.
The ptrace integration may need some more time to settle too, even
just to make sure the latest version does what needs to be done.
Both directly affect the user space ABI, so I think it's best to
not be too hasty with pushing this upstream. Waiting one release
while having a stable final patch gives people the chance to go
and try to use it for their purposes and thus both test the code
more and get experience with the ABI.
Greetings,
Indan
next prev parent reply other threads:[~2012-03-02 4:05 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-29 23:53 [PATCH v12 01/13] sk_run_filter: add support for custom load_pointer Will Drewry
2012-02-29 23:53 ` [PATCH v12 02/13] net/compat.c,linux/filter.h: share compat_sock_fprog Will Drewry
2012-02-29 23:53 ` [PATCH v12 03/13] seccomp: kill the seccomp_t typedef Will Drewry
2012-02-29 23:53 ` [PATCH v12 04/13] asm/syscall.h: add syscall_get_arch Will Drewry
2012-02-29 23:53 ` [PATCH v12 05/13] arch/x86: add syscall_get_arch to syscall.h Will Drewry
2012-02-29 23:53 ` [PATCH v12 06/13] seccomp: add system call filtering using BPF Will Drewry
2012-03-02 5:45 ` Indan Zupancic
2012-03-02 5:52 ` H. Peter Anvin
2012-03-02 6:43 ` Indan Zupancic
2012-03-02 6:55 ` H. Peter Anvin
2012-03-02 8:12 ` Indan Zupancic
2012-03-02 18:44 ` [kernel-hardening] " Will Drewry
2012-02-29 23:53 ` [PATCH v12 07/13] seccomp: add SECCOMP_RET_ERRNO Will Drewry
2012-03-02 18:24 ` Serge E. Hallyn
2012-03-05 21:03 ` Will Drewry
2012-03-05 21:13 ` Serge Hallyn
2012-02-29 23:53 ` [PATCH v12 08/13] signal, x86: add SIGSYS info and make it synchronous Will Drewry
2012-02-29 23:53 ` [PATCH v12 09/13] seccomp: Add SECCOMP_RET_TRAP Will Drewry
2012-02-29 23:53 ` [PATCH v12 10/13] ptrace,seccomp: Add PTRACE_SECCOMP support Will Drewry
2012-02-29 23:53 ` [PATCH v12 11/13] x86: Enable HAVE_ARCH_SECCOMP_FILTER Will Drewry
2012-02-29 23:53 ` [PATCH v12 12/13] Documentation: prctl/seccomp_filter Will Drewry
2012-02-29 23:53 ` [PATCH v12 13/13] seccomp: remove duplicated failure logging Will Drewry
2012-03-01 23:37 ` [PATCH v12 01/13] sk_run_filter: add support for custom load_pointer Kees Cook
2012-03-02 0:05 ` H. Peter Anvin
2012-03-02 0:22 ` Andrew Lutomirski
2012-03-02 0:47 ` Stephen Rothwell
2012-03-02 0:57 ` Kees Cook
2012-03-02 1:19 ` Andrew Morton
2012-03-02 2:39 ` Will Drewry
2012-03-02 4:04 ` Indan Zupancic [this message]
2012-03-02 5:03 ` Stephen Rothwell
2012-03-02 5:26 ` Kees Cook
2012-03-02 1:48 ` Andrew Lutomirski
2012-03-02 3:10 ` Stephen Rothwell
2012-03-02 3:41 ` Will Drewry
2012-03-02 3:57 ` Stephen Rothwell
2012-03-02 0:47 ` Eric Dumazet
2012-03-02 10:40 ` Indan Zupancic
2012-03-02 18:47 ` Will Drewry
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=eba2ab81bc32f208b8b94fd959fd7f2f.squirrel@webmail.greenhost.nl \
--to=indan@nul.nu \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=corbet@lwn.net \
--cc=coreyb@linux.vnet.ibm.com \
--cc=davem@davemloft.net \
--cc=djm@mindrot.org \
--cc=eparis@redhat.com \
--cc=eric.dumazet@gmail.com \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@mit.edu \
--cc=markus@chromium.org \
--cc=mcgrathr@chromium.org \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=oleg@redhat.com \
--cc=peterz@infradead.org \
--cc=pmoore@redhat.com \
--cc=rdunlap@xenotime.net \
--cc=scarybeasts@gmail.com \
--cc=serge.hallyn@canonical.com \
--cc=sfr@canb.auug.org.au \
--cc=tglx@linutronix.de \
--cc=wad@chromium.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox