Re: [PATCH V2 1/3] seccomp: add generic code for jitted seccomp filters.

From: Kees Cook
Date: Mon Apr 01 2013 - 17:53:15 EST


On Mon, Mar 18, 2013 at 7:50 AM, Nicolas Schichan <nschichan@xxxxxxxxxx> wrote:
> Architecture must select HAVE_SECCOMP_FILTER_JIT and implement
> seccomp_jit_compile() and seccomp_jit_free() if they intend to support
> jitted seccomp filters.
>
> struct seccomp_filter has been moved to <linux/seccomp.h> to make its
> content available to the jit compilation code.
>
> In a way similar to the net BPF, the jit compilation code is expected
> to update struct seccomp_filter.bpf_func pointer to the generated
> code.
>
> Signed-off-by: Nicolas Schichan <nschichan@xxxxxxxxxx>

Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>

I'd love to see this for x86 too. I suspect it'd be a small change
after this series lands.

Thanks,

-Kees

--
Kees Cook
Chrome OS Security