On Wed, Aug 26, 2020 at 10:47:36AM -0600, Jens Axboe wrote: > On 8/25/20 9:20 AM, Stefano Garzarella wrote: > > Hi Jens, > > this is a gentle ping. > > > > I'll respin, using memdup_user() for restriction registration. > > I'd like to get some feedback to see if I should change anything else. > > > > Do you think it's in good shape? > > As far as I'm concerned, this is fine. But I want to make sure that Kees > is happy with it, as he's the one that's been making noise on this front. Oop! Sorry, I didn't realize this was blocked on me. Once I saw how orthogonal io_uring was to "regular" process trees, I figured this series didn't need seccomp input. (I mean, I am still concerned about attack surface reduction, but that seems like a hard problem given io_uring's design -- it is, however, totally covered by the LSMs, so I'm satisfied from that perspective.) I'll go review... thanks for the poke. :) -- Kees Cook
