On Wed, Aug 26, 2020 at 12:40:24PM -0700, Kees Cook wrote: > On Wed, Aug 26, 2020 at 10:47:36AM -0600, Jens Axboe wrote: > > On 8/25/20 9:20 AM, Stefano Garzarella wrote: > > > Hi Jens, > > > this is a gentle ping. > > > > > > I'll respin, using memdup_user() for restriction registration. > > > I'd like to get some feedback to see if I should change anything else. > > > > > > Do you think it's in good shape? > > > > As far as I'm concerned, this is fine. But I want to make sure that Kees > > is happy with it, as he's the one that's been making noise on this front. > > Oop! Sorry, I didn't realize this was blocked on me. Once I saw how > orthogonal io_uring was to "regular" process trees, I figured this > series didn't need seccomp input. (I mean, I am still concerned about > attack surface reduction, but that seems like a hard problem given > io_uring's design -- it is, however, totally covered by the LSMs, so I'm > satisfied from that perspective.) > > I'll go review... thanks for the poke. :) > Jens, Kees, thanks for your feedbacks! I'll send v5 adding the values to the enumerations. Stefano
