Re: [RFC PATCH v3 2/3] seccomp: add kernel-installed pinned-memfd redirect

Next message: Amirreza Zarrabi: "Re: [PATCH v1] tee: qcomtee: Drop unused assignment of platform_device_id driver data"
Previous message: tze . yee . ng: "[PATCH v2] fpga: stratix10-soc: Fix SVC mailbox handling during reconfiguration"
In reply to: Andy Lutomirski: "Re: [RFC PATCH v3 2/3] seccomp: add kernel-installed pinned-memfd redirect"
Next in thread: Cong Wang: "Re: [RFC PATCH v3 2/3] seccomp: add kernel-installed pinned-memfd redirect"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Cong Wang

Date: Tue Jun 23 2026 - 23:39:45 EST

On Tue, Jun 23, 2026 at 3:21 PM Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> The implementation of the patch is a bit sad -- there is no technical
> reason that the code couldn't actually issue the syscall and avoid all
> the heap and task-work crud. The kernel isn't really structured like
> that, but I don't think it would be a big departure.

You are right. I have redesigned it a bit again.

SEND_REDIRECT is replaced with SECCOMP_IOCTL_NOTIF_RUN:
instead of rewriting the trapped task's argument registers and resuming
the same syscall, the supervisor names an explicit {nr, args}, and seccomp
issues *that* syscall in the target's context, reports its return value as the
trapped syscall's result, and skips the original. It runs in the target
(its mm/creds/fds), just dispatched into a scratch pt_regs frame so the
task's real registers are never touched.

Because nothing is rewritten, there is nothing to restore, the
task_work/heap fixup is deleted, and with it the entire signal corner
cases.

Please let me know if this looks better for you too.

Regards,
Cong