Re: [RFC PATCH net-next 0/6] seccomp filter JIT

From: Xi Wang
Date: Fri Apr 26 2013 - 08:32:25 EST

Next message: Arnd Bergmann: "Re: [PATCH 0/2] Early printk support for virtio console devices."
Previous message: Peter Zijlstra: "Re: [PATCH 03/14] sched: pack small tasks"
In reply to: Daniel Borkmann: "Re: [RFC PATCH net-next 0/6] seccomp filter JIT"
Next in thread: Daniel Borkmann: "Re: [RFC PATCH net-next 0/6] seccomp filter JIT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Apr 26, 2013 at 7:46 AM, Daniel Borkmann <dborkman@xxxxxxxxxx> wrote:
> I think BPF JIT for seccomp on ARM recently got applied to -mm tree
> if I'm not mistaken. It was from Nicolas Schichan (cc):
>
> http://thread.gmane.org/gmane.linux.ports.arm.kernel/233416/

Thanks for the pointer.

For the ARM part, looks like Nicolas's patch requires to implement two
wrappers for each arch:

void seccomp_jit_compile(struct seccomp_filter *fp);
void seccomp_jit_free(struct seccomp_filter *fp);

The implementation of these wrappers is almost identical to:

void bpf_jit_compile(struct sk_filter *fp);
void bpf_jit_free(struct sk_filter *fp);

While this patch uses a unified interface for both packet & seccomp filters.

bpf_func_t bpf_jit_compile(struct sock_filter *filter, unsigned int flen);
void bpf_jit_free(bpf_func_t bpf_func);

Shouldn't be hard to merge though.

- xi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Arnd Bergmann: "Re: [PATCH 0/2] Early printk support for virtio console devices."
Previous message: Peter Zijlstra: "Re: [PATCH 03/14] sched: pack small tasks"
In reply to: Daniel Borkmann: "Re: [RFC PATCH net-next 0/6] seccomp filter JIT"
Next in thread: Daniel Borkmann: "Re: [RFC PATCH net-next 0/6] seccomp filter JIT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]