Re: [PATCH v3 0/2] seccomp: pass uretprobe system call through seccomp
From: Kees Cook
Date: Thu Feb 06 2025 - 16:22:41 EST
On Sun, 02 Feb 2025 08:29:19 -0800, Eyal Birger wrote:
> uretprobe(2) is a performance enhancement system call added to improve
> uretprobes on x86_64.
>
> Confinement environments such as Docker are not aware of this new system
> call and kill confined processes when uretprobes are attached to them.
>
> Since uretprobe is a "kernel implementation detail" system call which is
> not used by userspace application code directly, pass this system call
> through seccomp without forcing existing userspace confinement environments
> to be changed.
>
> [...]
With the changes I mentioned in each patch, I've applied this to
for-next/seccomp, with the intention of getting them into v6.14-rc2.
Thanks!
[1/2] seccomp: passthrough uretprobe systemcall without filtering
https://git.kernel.org/kees/c/cf6cb56ef244
[2/2] selftests/seccomp: validate uretprobe syscall passes through seccomp
https://git.kernel.org/kees/c/c2debdb8544f
Take care,
--
Kees Cook
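The failure mode the cover letter describes, shown as an added example that is not part of this thread, the patch series, or the kernel: a small classic-BPF evaluator replays the kind of allowlist filter a container runtime installs with prctl(PR_SET_SECCOMP), so you can see that a syscall number the filter author never heard of falls through to the default SECCOMP_RET_KILL_PROCESS, and what "pass the syscall through seccomp without filtering" changes. The UAPI constants are copied inline so the block builds without kernel headers; the uretprobe number 335 is the x86_64 value from syscall_64.tbl; the seccomp_decide() wrapper only models the described effect (short-circuit before any filter runs) and is not the kernel's implementation.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

/* Values copied from linux/seccomp.h, linux/filter.h and linux/audit.h. */
#define SECCOMP_RET_KILL_PROCESS 0x80000000U
#define SECCOMP_RET_ALLOW        0x7fff0000U
#define SECCOMP_RET_ACTION_FULL  0xffff0000U
#define AUDIT_ARCH_X86_64        0xc000003eU
#define AUDIT_ARCH_I386          0x40000003U

/* x86_64 syscall numbers (arch/x86/entry/syscalls/syscall_64.tbl). */
#define NR_read       0
#define NR_write      1
#define NR_mmap       9
#define NR_exit_group 231
#define NR_uretprobe  335   /* added in Linux 6.11; assumed here for the demo */

/* Opcodes: BPF_LD|BPF_W|BPF_ABS, BPF_JMP|BPF_JEQ|BPF_K, BPF_RET|BPF_K. */
#define OP_LD_ABS_W 0x20
#define OP_JEQ_K    0x15
#define OP_RET_K    0x06

struct insn { uint16_t code; uint8_t jt, jf; uint32_t k; }; /* == struct sock_filter */
struct sc_data { int32_t nr; uint32_t arch; uint64_t ip; uint64_t args[6]; }; /* == struct seccomp_data */

#define STMT(c, v)       { (c), 0, 0, (v) }
#define JUMP(c, v, t, f) { (c), (t), (f), (v) }

/* Container-style allowlist: reject foreign ABIs, allow a few syscalls, kill the rest.
 * uretprobe is not listed, because the filter predates the syscall. */
static const struct insn allowlist[] = {
    STMT(OP_LD_ABS_W, offsetof(struct sc_data, arch)),
    JUMP(OP_JEQ_K, AUDIT_ARCH_X86_64, 1, 0),
    STMT(OP_RET_K, SECCOMP_RET_KILL_PROCESS),
    STMT(OP_LD_ABS_W, offsetof(struct sc_data, nr)),
    JUMP(OP_JEQ_K, NR_read, 2, 0),
    JUMP(OP_JEQ_K, NR_write, 1, 0),
    JUMP(OP_JEQ_K, NR_exit_group, 0, 1),
    STMT(OP_RET_K, SECCOMP_RET_ALLOW),
    STMT(OP_RET_K, SECCOMP_RET_KILL_PROCESS),
};

/* Minimal cBPF interpreter: only the three opcodes a seccomp allowlist needs. */
static uint32_t run_filter(const struct insn *prog, size_t len, const struct sc_data *d)
{
    uint32_t A = 0;
    for (size_t pc = 0; pc < len; pc++) {
        const struct insn *i = &prog[pc];
        switch (i->code) {
        case OP_LD_ABS_W:
            if ((size_t)i->k + 4 > sizeof(*d))
                return SECCOMP_RET_KILL_PROCESS; /* out-of-range load; the kernel checker rejects this at install */
            memcpy(&A, (const char *)d + i->k, 4);
            break;
        case OP_JEQ_K:
            pc += (A == i->k) ? i->jt : i->jf;
            break;
        case OP_RET_K:
            return i->k;
        default:
            return SECCOMP_RET_KILL_PROCESS; /* opcode unsupported by this toy */
        }
    }
    return SECCOMP_RET_KILL_PROCESS; /* fell off the end; real programs must end in RET */
}

/* What the installed filter says about one syscall. */
uint32_t filter_decision(int nr, uint32_t arch)
{
    struct sc_data d = { .nr = nr, .arch = arch };
    uint32_t ret = run_filter(allowlist, sizeof(allowlist) / sizeof(allowlist[0]), &d);
    return ret & SECCOMP_RET_ACTION_FULL; /* strip SECCOMP_RET_DATA, as the kernel does */
}

/* Model of the two kernel behaviours (a model of the described effect, not kernel code):
 * without passthrough every syscall is shown to the filter; with it, uretprobe is not. */
uint32_t seccomp_decide(int nr, uint32_t arch, bool uretprobe_passthrough)
{
    if (uretprobe_passthrough && nr == NR_uretprobe)
        return SECCOMP_RET_ALLOW;
    return filter_decision(nr, arch);
}

int main(void)
{
    int nrs[] = { NR_read, NR_mmap, NR_uretprobe };
    for (size_t i = 0; i < 3; i++)
        printf("nr %3d: filtered=%#x passthrough=%#x\n", nrs[i],
               seccomp_decide(nrs[i], AUDIT_ARCH_X86_64, false),
               seccomp_decide(nrs[i], AUDIT_ARCH_X86_64, true));
    return 0;
}
```

The point the table makes: mmap and uretprobe are both "unknown" to this filter and both get killed before the series, but only uretprobe is exempted afterwards, because it is the one syscall userspace never issues itself (the kernel's return trampoline does). An allowlist that wants to stay explicit can still add the number, but existing filters no longer have to.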