| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20151002225915.GP23065@smitten> Date: Fri, 2 Oct 2015 16:59:15 -0600 From: Tycho Andersen <tycho.andersen@...onical.com> To: Daniel Borkmann <daniel@...earbox.net> Cc: Kees Cook <keescook@...omium.org>, Alexei Starovoitov <ast@...nel.org>, Will Drewry <wad@...omium.org>, Oleg Nesterov <oleg@...hat.com>, Andy Lutomirski <luto@...capital.net>, Pavel Emelyanov <xemul@...allels.com>, "Serge E. Hallyn" <serge.hallyn@...ntu.com>, LKML <linux-kernel@...r.kernel.org>, Network Development <netdev@...r.kernel.org>, Linux API <linux-api@...r.kernel.org> Subject: Re: v5 of seccomp filter c/r patches On Sat, Oct 03, 2015 at 12:57:49AM +0200, Daniel Borkmann wrote: > On 10/03/2015 12:44 AM, Tycho Andersen wrote: > >On Fri, Oct 02, 2015 at 02:10:24PM -0700, Kees Cook wrote: > ... > >Ok, how about, > > > >struct sock_filter insns[BPF_MAXINSNS]; > >insn_cnt = ptrace(PTRACE_SECCOMP_GET_FILTER, pid, insns, i); > > Would also be good that when the storage buffer (insns) is NULL, > it just returns you the number of sock_filter insns (or 0 when > nothing attached). > > That would be consistent with classic socket filters (see > sk_get_filter()), and user space could allocate a specific > size instead of always passing in max insns. Yep, the current set does this with SECCOMP_FD_DUMP and I agree that it's nice behavior, so I'll plan on preserving it. Thanks, Tycho -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists