lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <55421FA5.2070906@freebox.fr>
Date:	Thu, 30 Apr 2015 14:27:17 +0200
From:	Nicolas Schichan <nschichan@...ebox.fr>
To:	Daniel Borkmann <daniel@...earbox.net>,
	Kees Cook <keescook@...omium.org>,
	Andy Lutomirski <luto@...capital.net>,
	Will Drewry <wad@...omium.org>, linux-kernel@...r.kernel.org,
	ast@...mgrid.com, davem@...emloft.net
Subject: Re: [PATCH 2/4] seccomp: rework seccomp_prepare_filter().

On 04/29/2015 07:12 PM, Daniel Borkmann wrote:
> On 04/29/2015 03:37 PM, Nicolas Schichan wrote:
>> - Try to use the classic BPF JIT via bpf_jit_compile().
>>
>> - Use bpf_migrate_filter() from NET filter code instead of the double
>>    bpf_convert_filter() followed by bpf_prog_select_runtime() if
>>    classic bpf_jit_compile() did not succeed in producing native code.
>>
>> Signed-off-by: Nicolas Schichan <nschichan@...ebox.fr>
> 
> [ I had to look that one up manually, would be good if you keep
>   people in Cc, also netdev for BPF in general. ]

Hello Daniel,

Sorry about that, I used git-send-email with a --to-cmd set to:

"./scripts/get_maintainer.pl -m --norolestats --git-max-maintainer 2"

and your email didn't show up for this particular patch. Additionally the
other emails in the serie that were addressed to you were addressed to an old
disabled email address of yours.

It didn't show up either without "--git-max-maintainer 2".

I'll take more care about the receiver list for the v2 of this serie.

> I see, you need that to make it available to the old bpf_jit_compile()
> for probing on classic JITs. Actually, I really would prefer, if instead
> of duplicating that code, you could export bpf_prepare_filter() and
> pass seccomp_check_filter() as an argument to bpf_prepare_filter().

Just to be sure you want me to pass a pointer to seccomp_check_filter to
bpf_prepare_filter so that it can run it between bpf_check_classic() and
bpf_jit_compile ?

> Otherwise, in case bpf_prepare_filter() changes, people will easily
> forget to update seccomp related code, really.

Fair point.

Thanks,

-- 
Nicolas Schichan
Freebox SAS
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ