On Thu, May 31, 2018 at 7:49 AM, Tycho Andersen <tycho@xxxxxxxx> wrote: > Hi all, > > Here's a v3 of the seccomp trap to userspace, with all the nits from v2 > fixed. Open questions from v2 are still: > > 1. is it ok not to use netlink? Yeah, I think there isn't a sensible way to reuse that API, which is too bad. Let's just try to keep this interface future-proofed. :) > 2. what should the fd passing API look like? (see patch notes on this > one for details of why the current one might (?) be a problem) The only thing in my mind is avoiding the problems with other fd passing API (e.g. when do rlimits get checked, etc). > As an added bonus, I've also written some stress testing, with lots of > tasks and listeners (1000 of each) sharing the same notification thread, > and not found any issues so far. Code is here: > https://github.com/tych0/kernel-utils/blob/master/seccomp/notify_stress.c > although I haven't included it in the patchset. That's excellent, thanks! > v2: https://lkml.org/lkml/2018/5/17/627 > > Tycho Andersen (4): > seccomp: add a return code to trap to userspace > seccomp: make get_nth_filter available outside of CHECKPOINT_RESTORE > seccomp: add a way to get a listener fd from ptrace > seccomp: add support for passing fds via USER_NOTIF I'm under a time crunch with the merge window, but after -rc2 I should have time to give this some close review. FWIW, I expect this to enter -next this cycle and get it into the 4.19 merge window: we need the feature and the alternatives have been well explored and don't look workable. Thanks for the series! -Kees -- Kees Cook Pixel Security _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
