Re: [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE

[RFC][PATCH 0/8] seccomp: Implement constant action bitmaps · Kees Cook <hidden> · 2020-06-16
[PATCH 1/8] selftests/seccomp: Improve calibration loop · Kees Cook <hidden> · 2020-06-16
[PATCH 5/8] selftests/seccomp: Compare bitmap vs filter overhead · Kees Cook <hidden> · 2020-06-16
[PATCH 8/8] [DEBUG] seccomp: Report bitmap coverage ranges · Kees Cook <hidden> · 2020-06-16
[PATCH 7/8] x86: Enable seccomp constant action bitmaps · Kees Cook <hidden> · 2020-06-16
[PATCH 6/8] x86: Provide API for local kernel TLB flushing · Kees Cook <hidden> · 2020-06-16
Re: [PATCH 6/8] x86: Provide API for local kernel TLB flushing · Andy Lutomirski <luto@kernel.org> · 2020-06-16
Re: [PATCH 6/8] x86: Provide API for local kernel TLB flushing · Kees Cook <hidden> · 2020-06-16
[PATCH 4/8] seccomp: Implement constant action bitmaps · Kees Cook <hidden> · 2020-06-16
Re: [PATCH 4/8] seccomp: Implement constant action bitmaps · Jann Horn <jannh@google.com> · 2020-06-16
Re: [PATCH 4/8] seccomp: Implement constant action bitmaps · Kees Cook <hidden> · 2020-06-16
Re: [PATCH 4/8] seccomp: Implement constant action bitmaps · Jann Horn <jannh@google.com> · 2020-06-16
Re: [PATCH 4/8] seccomp: Implement constant action bitmaps · Kees Cook <hidden> · 2020-06-16
Re: [PATCH 4/8] seccomp: Implement constant action bitmaps · Andy Lutomirski <luto@amacapital.net> · 2020-06-16
Re: [PATCH 4/8] seccomp: Implement constant action bitmaps · Dave Hansen <hidden> · 2020-06-16
Re: [PATCH 4/8] seccomp: Implement constant action bitmaps · Kees Cook <hidden> · 2020-06-16
[PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE · Kees Cook <hidden> · 2020-06-16
Re: [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE · Andy Lutomirski <luto@amacapital.net> · 2020-06-16
Re: [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE · Jann Horn <jannh@google.com> · 2020-06-17
Re: [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE · Andy Lutomirski <luto@kernel.org> · 2020-06-17
Re: [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE · Jann Horn <jannh@google.com> · 2020-06-17
[PATCH 2/8] seccomp: Use pr_fmt · Kees Cook <hidden> · 2020-06-16
Re: [RFC][PATCH 0/8] seccomp: Implement constant action bitmaps · Andy Lutomirski <luto@kernel.org> · 2020-06-16
Re: [RFC][PATCH 0/8] seccomp: Implement constant action bitmaps · Kees Cook <hidden> · 2020-06-16

From: Jann Horn <jannh@google.com>
Date: 2020-06-17 15:32:31
Also in: linux-api, lkml

On Wed, Jun 17, 2020 at 5:30 PM Andy Lutomirski [off-list ref] wrote:

On Wed, Jun 17, 2020 at 8:25 AM Jann Horn [off-list ref] wrote:

quoted

On Tue, Jun 16, 2020 at 9:49 AM Kees Cook [off-list ref] wrote:

quoted

For systems that provide multiple syscall maps based on architectures
(e.g. AUDIT_ARCH_X86_64 and AUDIT_ARCH_I386 via CONFIG_COMPAT), allow
a fast way to pin the process to a specific syscall mapping, instead of
needing to generate all filters with an architecture check as the first
filter action.

This seems reasonable; but can we maybe also add X86-specific handling
for that X32 mess? AFAIK there are four ways to do syscalls with
AUDIT_ARCH_X86_64:

You're out of date :)  I fixed the mess.

commit 6365b842aae4490ebfafadfc6bb27a6d3cc54757
Author: Andy Lutomirski [off-list ref]
Date:   Wed Jul 3 13:34:04 2019 -0700

    x86/syscalls: Split the x32 syscalls into their own table

Oooooh, beautiful. Thank you very much for that.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help