[GIT PULL] seccomp updates for v5.14-rc1
From: Kees Cook
Date: Mon Jun 28 2021 - 15:57:42 EST
Hi Linus,

Please pull these seccomp updates for v5.14-rc1. Note that the commit
dates show "today", but this has been in -next for a while. I didn't
correctly manage my "for-linus/seccomp" fixes branch (which this is
based on) that was pulled for v5.13-rc4.

Thanks!

-Kees

The following changes since commit ddc473916955f7710d1eb17c1273d91c8622a9fe:

  seccomp: Refactor notification handler to prepare for new semantics (2021-05-29 11:13:27 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/seccomp-v5.14-rc1

for you to fetch changes up to 9a03abc16c77062c73972df08206f1031862d9b4:

  selftests/seccomp: Avoid using "sysctl" for report (2021-06-28 12:49:52 -0700)

----------------------------------------------------------------
seccomp updates for v5.14-rc1

Add "atomic addfd + send reply" mode to SECCOMP_USER_NOTIF to better
handle EINTR races visible to seccomp monitors. (Rodrigo Campos,
Sargun Dhillon)

Improve seccomp selftests for readability in CI systems. (Kees Cook)

----------------------------------------------------------------
Kees Cook (3):
      selftests/seccomp: More closely track fds being assigned
      selftests/seccomp: Flush benchmark output
      selftests/seccomp: Avoid using "sysctl" for report

Rodrigo Campos (2):
      seccomp: Support atomic "addfd + send reply"
      selftests/seccomp: Add test for atomic addfd+send

 Documentation/userspace-api/seccomp_filter.rst     | 12 +++++
 include/uapi/linux/seccomp.h                       |  1 +
 kernel/seccomp.c                                   | 51 +++++++++++++++++++---
 .../testing/selftests/seccomp/seccomp_benchmark.c  | 10 ++++-
 tools/testing/selftests/seccomp/seccomp_bpf.c      | 51 ++++++++++++++++++++--
 5 files changed, 113 insertions(+), 12 deletions(-)

--
Kees Cook