lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 28 Jun 2021 12:57:16 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-kernel@...r.kernel.org,
        Christian Brauner <christian.brauner@...ntu.com>,
        Kees Cook <keescook@...omium.org>,
        Rodrigo Campos <rodrigo@...volk.io>,
        Sargun Dhillon <sargun@...gun.me>,
        Tycho Andersen <tycho@...ho.pizza>,
        Will Drewry <wad@...omium.org>
Subject: [GIT PULL] seccomp updates for v5.14-rc1

Hi Linus,

Please pull these seccomp updates for v5.14-rc1. Note that the commit
dates show "today", but this has been in -next for a while. I didn't
correctly manage my "for-linus/seccomp" fixes branch (which this is
based on) that was pulled for v5.13-rc4.

Thanks!

-Kees

The following changes since commit ddc473916955f7710d1eb17c1273d91c8622a9fe:

  seccomp: Refactor notification handler to prepare for new semantics (2021-05-29 11:13:27 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/seccomp-v5.14-rc1

for you to fetch changes up to 9a03abc16c77062c73972df08206f1031862d9b4:

  selftests/seccomp: Avoid using "sysctl" for report (2021-06-28 12:49:52 -0700)

----------------------------------------------------------------
seccomp updates for v5.14-rc1

Add "atomic addfd + send reply" mode to SECCOMP_USER_NOTIF to better
handle EINTR races visible to seccomp monitors. (Rodrigo Campos,
Sargun Dhillon)

Improve seccomp selftests for readability in CI systems. (Kees Cook)

----------------------------------------------------------------
Kees Cook (3):
      selftests/seccomp: More closely track fds being assigned
      selftests/seccomp: Flush benchmark output
      selftests/seccomp: Avoid using "sysctl" for report

Rodrigo Campos (2):
      seccomp: Support atomic "addfd + send reply"
      selftests/seccomp: Add test for atomic addfd+send

 Documentation/userspace-api/seccomp_filter.rst     | 12 +++++
 include/uapi/linux/seccomp.h                       |  1 +
 kernel/seccomp.c                                   | 51 +++++++++++++++++++---
 .../testing/selftests/seccomp/seccomp_benchmark.c  | 10 ++++-
 tools/testing/selftests/seccomp/seccomp_bpf.c      | 51 ++++++++++++++++++++--
 5 files changed, 113 insertions(+), 12 deletions(-)

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ