On Mon, Oct 26, 2015 at 3:46 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote: > On Mon, Oct 26, 2015 at 12:39 AM, Oleg Nesterov <oleg@xxxxxxxxxx> wrote: >> On 10/21, Tycho Andersen wrote: >>> >>> > And this leads to another question... If we expect that this interface >>> > can change later, then perhaps PTRACE_SECCOMP_GET_FILTER should also >>> > dump some header before copy_to_user(fprog->filter) ? Say, just >>> > "unsigned long version" == 0 for now. So that we can avoid >>> > PTRACE_SECCOMP_GET_FILTER_V2 in future. >>> >>> So this is interesting. Like Kees mentioned, the bulk of the work >>> would be done by the bpf syscall. We'd still need some way to get >>> access to the fd itself, which we could (ab)use >>> PTRACE_SECCOMP_GET_FILTER for, by returning the fd + BPF_MAXINSNS (so >>> that it doesn't conflict with length) or something like that. Or add a >>> _V2 as you say. If there is some change we can make to have a nicer >>> interface than fd + BPF_MAXINSNS to future proof, I'm fine with making >>> it. >> >> Can't comment, this is up to you/Kees ;) >> >> So, just in case, let me repeat I am fine with this patch. > > Cool, thanks. I'll get this into my tree after kernel summit. Thanks > for suffering through all this Tycho! Actually, since this depends on changes in net, could this get pulled in from that direction? Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html