Re: [PATCH v4 0/4] seccomp trap to userspace

From: Christian Brauner
Date: Mon Aug 06 2018 - 23:30:55 EST


On Mon, Aug 06, 2018 at 08:44:42PM -0600, Tycho Andersen wrote:
> Hi all,
>
> Dinesh Subhraveti has claimed that some part of this series might be
> patented. While he has not furnished me with anything to confirm this
> claim, I'll put this series on hold.

Hey man,

Sorry to hear that your faced with such nonsense, Tycho. This is utter
bullsh*t of course. If you have more details at some point and feel
comfortable doing so it would probably be good to share them here.

Christian

>
> Tycho
>
> On Thu, Jun 21, 2018 at 04:04:12PM -0600, Tycho Andersen wrote:
> > Hi all,
> >
> > Here's v4 of the seccomp trap to userspace series. v3 is here:
> > https://lkml.org/lkml/2018/5/31/527
> >
> > I believe we've addressed the two burning questions I had about v3: 1.
> > it seems ok not to use netlink, since there's not a great way to re-use
> > the API without a lot of unnecessary code and 2. only having return
> > capability for fds seems fine with people. Or at least I haven't heard
> > any strong objections.
> >
> > I've re-worked a bunch of things in this version based on feedback from
> > the last series. See patch notes for details. At this point I'm not
> > aware of anything that needs to be addressed, but of course that is
> > subject to change :)
> >
> > Tycho
> >
> > Tycho Andersen (4):
> > seccomp: add a return code to trap to userspace
> > seccomp: make get_nth_filter available outside of CHECKPOINT_RESTORE
> > seccomp: add a way to get a listener fd from ptrace
> > seccomp: add support for passing fds via USER_NOTIF
> >
> > .../userspace-api/seccomp_filter.rst | 79 +++
> > arch/Kconfig | 7 +
> > include/linux/seccomp.h | 18 +-
> > include/uapi/linux/ptrace.h | 2 +
> > include/uapi/linux/seccomp.h | 23 +-
> > kernel/ptrace.c | 4 +
> > kernel/seccomp.c | 491 ++++++++++++++-
> > tools/testing/selftests/seccomp/seccomp_bpf.c | 560 +++++++++++++++++-
> > 8 files changed, 1172 insertions(+), 12 deletions(-)
> >
> > --
> > 2.17.1
> >
> _______________________________________________
> Containers mailing list
> Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
> https://lists.linuxfoundation.org/mailman/listinfo/containers