On Thu, Jul 30, 2015 at 11:21:54AM -0700, Kees Cook wrote: > I like this, it's a good description of both options. I'm still biased > about the approach: I prefer flags, since pointers to user structures > complicate syscall filtering. ;) Seems like we should do two things to make that easier: 1) Create a standardized kernel mechanism for parameter-struct handling, implementing the recommendations mentioned here. 2) Integrate into that mechanism a way to filter the resulting parameter struct with BPF *after* it has been copied to kernel space (and thus can no longer be tampered with). - Josh Triplett -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
