Re: v2 of seccomp filter c/r patches

On Tue, Sep 15, 2015 at 9:07 AM, Tycho Andersen
<tycho.andersen@xxxxxxxxxxxxx> wrote:
> Hi Andy,
>
> On Mon, Sep 14, 2015 at 10:52:46AM -0700, Andy Lutomirski wrote:
>>
>> I'm not sure I entirely like this solution...
>
> Ok. Since we also aren't going to do all the eBPF stuff now, how about
> something that looks like this:
>
> struct seccomp_layer {
>   unsigned int size;
>   unsigned int type; /* SECCOMP_BPF_CLASSIC or SECCOMP_EBPF or ... */
>   bool inherited;
>   union {
>     unsigned int insn_cnt;
>     struct bpf_insn *insns;
>   };
> };
>
> with a ptrace command:
>
> ptrace(PTRACE_SECCOMP_DUMP_LAYER, pid, i, &layer);
>
> If we save a pointer to the current seccomp filter on fork (if there
> is one), then I think the inherited flag is just,
>
> inherited = is_ancestor(child->seccomp.filter, child->seccomp.inherited_filter)
>

I'm lost.  What is the inherited flag for?

--Andy
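
The check sketched in the quoted mail, as an added userspace illustration; it is not code from this thread or from any kernel patch. Assumptions: filters are chained through a prev pointer, the flag is computed per dumped layer (layer 0 is the newest filter), and the argument order of is_ancestor(), layer_inherited(), model_install() and model_fork() are hypothetical.

```c
#include <stdbool.h>

/* Constructed userspace model, not kernel code: each filter links to
 * the filter that was installed before it. */
struct filter { const struct filter *prev; };

/* filter: newest filter on the task. inherited_filter: the filter that
 * was newest at fork time (field name taken from the mail). */
struct task_seccomp { const struct filter *filter, *inherited_filter; };

/* True if anc is f itself or reachable from f through prev links. */
static bool is_ancestor(const struct filter *anc, const struct filter *f)
{
	for (; f; f = f->prev)
		if (f == anc)
			return true;
	return false;
}

/* Assumed reading: layer i is inherited if it was already on the chain
 * when the task forked. Returns 1/0, or -1 if there is no layer i. */
static int layer_inherited(const struct task_seccomp *s, unsigned int i)
{
	const struct filter *f = s->filter;
	while (f && i--)
		f = f->prev;
	if (!f)
		return -1;
	return is_ancestor(f, s->inherited_filter) ? 1 : 0;
}

/* Installing a filter pushes it on top of the task's chain. */
static void model_install(struct task_seccomp *s, struct filter *f)
{
	f->prev = s->filter;
	s->filter = f;
}

/* fork: the child shares the parent's chain and records where it stood. */
static struct task_seccomp model_fork(const struct task_seccomp *parent)
{
	struct task_seccomp child = { parent->filter, parent->filter };
	return child;
}
int main(void)
{
	struct filter a = {0}, b = {0}, c = {0};
	struct task_seccomp parent = {0}, child;
	model_install(&parent, &a); model_install(&parent, &b);
	child = model_fork(&parent);
	model_install(&child, &c);	/* installed after fork */
	return layer_inherited(&child, 0) == 0 && layer_inherited(&child, 1) == 1 ? 0 : 1;
}
```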


