[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CABXk95CvE7O8ZL864AoVtKA7XqA_XaxA66Zz5ncpDWFSO7C19Q@mail.gmail.com>
Date: Thu, 28 Jan 2016 19:03:57 -0800
From: Jeffrey Vander Stoep <jeffv@...gle.com>
To: Andy Lutomirski <luto@...capital.net>,
Kees Cook <keescook@...omium.org>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Oleg Nesterov <oleg@...hat.com>,
Will Drewry <wad@...omium.org>,
"linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
Linux API <linux-api@...r.kernel.org>,
LSM List <linux-security-module@...r.kernel.org>,
"kernel-hardening@...ts.openwall.com"
<kernel-hardening@...ts.openwall.com>
Subject: Re: [RFC][PATCH] seccomp: add SECCOMP_RET_ACK for non-fatal SIGSYS
Thanks! This is just what I need.
What are the drawbacks to returning the sigsys before executing the
system call? Otherwise this loses the benefit of properly reporting
registers for argument inspection.
How about SECCOMP_RET_PERMISSIVE? Describes the application rather
than the implementation. Otherwise preference is for
SECCOMP_RET_ALLOW_SIGSYS.
Powered by blists - more mailing lists