Re: Magic Security Dust: Appropriating SECCOMP

From: Andi Kleen
Date: Wed Jun 24 2009 - 03:22:48 EST


David Thomas <davidleothomas@xxxxxxxxx> writes:

Normally it's better if you post example patches, even
if they're unclean.

> Moving the checks from the audit/trace code out to the
> individual syscalls means that each syscall we're doing one

Not sure that's a good idea. It would be lot of code churn
all over the tree and risk of not covering some new syscalls.

What I would do if I wanted a more flexible seccomp is to have a
"one bit for each syscall" bitmap (or rather two one for compat
another for non compat) that is checked by the audit code
and then just check all syscalls against that big bitmap.
Then have some way to configure that bitmap for groups
of processes.

-Andi


--
ak@xxxxxxxxxxxxxxx -- Speaking for myself only.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/