Re: [RFC PATCH v3 2/3] seccomp: add kernel-installed pinned-memfd redirect
From: Cong Wang
Date: Tue Jun 23 2026 - 19:30:00 EST
Hi Kees,
On Tue, Jun 23, 2026 at 12:11 PM Kees Cook <kees@xxxxxxxxxx> wrote:
>
> On Tue, Jun 23, 2026 at 12:02:32PM -0700, Andy Lutomirski wrote:
> > I'm really not convinced that the min is needed to preserve any useful
> > behavior. But Kees is very conservative about these things, with good
> > reason.
>
> What is going to use this feature? I'd rather not try to have a USER_NOTIF
> security boundary since there are so many corner cases.
Sandlock [1] will be the first user once accepted by upstream. Currently
I had to work around this with an ugly ptrace (which is also obviously slow).

[1] https://github.com/multikernel/sandlock
Regards,
Cong