| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 Jan 2020 01:17:39 -0800
From: Sargun Dhillon <sargun@...gun.me>
To: linux-kernel@...r.kernel.org,
containers@...ts.linux-foundation.org, linux-api@...r.kernel.org,
linux-fsdevel@...r.kernel.org
Cc: Sargun Dhillon <sargun@...gun.me>, tycho@...ho.ws,
christian.brauner@...ntu.com
Subject: [PATCH 0/4] Add the ability to get a pidfd on seccomp user notifications
This patchset adds the ability for users of the seccomp user notification API
to receive the pidfd of the process which triggered the notification. It is
an optional feature that users must opt into by setting a flag when they
call the ioctl. With enhancements to other APIs, it should decrease
the need for the cookie-checking mechanism.
Sargun Dhillon (4):
pid: Add pidfd_create_file helper
fork: Use newly created pidfd_create_file helper
seccomp: Add SECCOMP_USER_NOTIF_FLAG_PIDFD to get pidfd on listener
trap
selftests/seccomp: test SECCOMP_USER_NOTIF_FLAG_PIDFD
include/linux/pid.h | 1 +
include/uapi/linux/seccomp.h | 4 +
kernel/fork.c | 4 +-
kernel/pid.c | 22 ++++
kernel/seccomp.c | 68 ++++++++++-
tools/testing/selftests/seccomp/seccomp_bpf.c | 110 ++++++++++++++++++
6 files changed, 200 insertions(+), 9 deletions(-)
--
2.20.1
Powered by blists - more mailing lists