From: Kees Cook <[email protected]>
Provide seccomp internals with the details to calculate which syscall
table the running kernel is expecting to deal with. This allows for
efficient architecture pinning and paves the way for constant-action
bitmaps.
Signed-off-by: Kees Cook <[email protected]>
[YiFei: Removed x32, added macro for nr_syscalls]
Signed-off-by: YiFei Zhu <[email protected]>
---
arch/x86/include/asm/seccomp.h | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/arch/x86/include/asm/seccomp.h b/arch/x86/include/asm/seccomp.h
index 2bd1338de236..7b3a58271656 100644
--- a/arch/x86/include/asm/seccomp.h
+++ b/arch/x86/include/asm/seccomp.h
@@ -16,6 +16,18 @@
#define __NR_seccomp_sigreturn_32 __NR_ia32_sigreturn
#endif
+#ifdef CONFIG_X86_64
+# define SECCOMP_ARCH_DEFAULT AUDIT_ARCH_X86_64
+# define SECCOMP_ARCH_DEFAULT_NR NR_syscalls
+# ifdef CONFIG_COMPAT
+# define SECCOMP_ARCH_COMPAT AUDIT_ARCH_I386
+# define SECCOMP_ARCH_COMPAT_NR IA32_NR_syscalls
+# endif
+#else /* !CONFIG_X86_64 */
+# define SECCOMP_ARCH_DEFAULT AUDIT_ARCH_I386
+# define SECCOMP_ARCH_DEFAULT_NR NR_syscalls
+#endif
+
#include <asm-generic/seccomp.h>
#endif /* _ASM_X86_SECCOMP_H */
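Review bot: the new block defines no SECCOMP_ARCH_* pair for the x32 ABI (CONFIG_X86_X32 on x86_64), and the only record that this is deliberate is the "[YiFei: Removed x32, added macro for nr_syscalls]" note in the changelog, which does not survive into the header. A one-line comment above `+#ifdef CONFIG_X86_64` saying that x32 is intentionally not covered, so callers must not treat SECCOMP_ARCH_DEFAULT / SECCOMP_ARCH_DEFAULT_NR as describing every syscall number a 64-bit task can issue, would stop a later reader from assuming the macros are exhaustive. Minor: `SECCOMP_ARCH_DEFAULT_NR NR_syscalls` is defined identically in both branches and could be hoisted out of the `#ifdef`, and the closing `+#endif` could carry a `/* CONFIG_X86_64 */` comment to match the `+#else /* !CONFIG_X86_64 */` line.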
--
2.28.0
On Wed, Sep 30, 2020 at 10:19:12AM -0500, YiFei Zhu wrote:
> From: Kees Cook <[email protected]>
>
> Provide seccomp internals with the details to calculate which syscall
> table the running kernel is expecting to deal with. This allows for
> efficient architecture pinning and paves the way for constant-action
> bitmaps.
>
> Signed-off-by: Kees Cook <[email protected]>
> [YiFei: Removed x32, added macro for nr_syscalls]
> Signed-off-by: YiFei Zhu <[email protected]>
> ---
> arch/x86/include/asm/seccomp.h | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/arch/x86/include/asm/seccomp.h b/arch/x86/include/asm/seccomp.h
> index 2bd1338de236..7b3a58271656 100644
> --- a/arch/x86/include/asm/seccomp.h
> +++ b/arch/x86/include/asm/seccomp.h
> @@ -16,6 +16,18 @@
> #define __NR_seccomp_sigreturn_32 __NR_ia32_sigreturn
> #endif
>
> +#ifdef CONFIG_X86_64
> +# define SECCOMP_ARCH_DEFAULT AUDIT_ARCH_X86_64
> +# define SECCOMP_ARCH_DEFAULT_NR NR_syscalls
bikeshedding: let's call these SECCOMP_ARCH_NATIVE* -- I think it's more
descriptive.
> +# ifdef CONFIG_COMPAT
> +# define SECCOMP_ARCH_COMPAT AUDIT_ARCH_I386
> +# define SECCOMP_ARCH_COMPAT_NR IA32_NR_syscalls
> +# endif
> +#else /* !CONFIG_X86_64 */
> +# define SECCOMP_ARCH_DEFAULT AUDIT_ARCH_I386
> +# define SECCOMP_ARCH_DEFAULT_NR NR_syscalls
> +#endif
> +
> #include <asm-generic/seccomp.h>
>
> #endif /* _ASM_X86_SECCOMP_H */
> --
> 2.28.0
>
But otherwise, yes, looks good to me. For this patch, I think the S-o-b chain is probably more
accurately captured as:
Signed-off-by: Kees Cook <[email protected]>
Co-developed-by: YiFei Zhu <[email protected]>
Signed-off-by: YiFei Zhu <[email protected]>
--
Kees Cook
On Wed, Sep 30, 2020 at 11:21 PM Kees Cook <[email protected]> wrote:
> On Wed, Sep 30, 2020 at 10:19:12AM -0500, YiFei Zhu wrote:
> > From: Kees Cook <[email protected]>
> >
> > Provide seccomp internals with the details to calculate which syscall
> > table the running kernel is expecting to deal with. This allows for
> > efficient architecture pinning and paves the way for constant-action
> > bitmaps.
> >
> > Signed-off-by: Kees Cook <[email protected]>
> > [YiFei: Removed x32, added macro for nr_syscalls]
> > Signed-off-by: YiFei Zhu <[email protected]>
[...]
> But otherwise, yes, looks good to me. For this patch, I think the S-o-b chain is probably more
> accurately captured as:
>
> Signed-off-by: Kees Cook <[email protected]>
> Co-developed-by: YiFei Zhu <[email protected]>
> Signed-off-by: YiFei Zhu <[email protected]>
(Technically, https://www.kernel.org/doc/html/latest/process/submitting-patches.html#when-to-use-acked-by-cc-and-co-developed-by
says that "every Co-developed-by: must be immediately followed by a
Signed-off-by: of the associated co-author" (and has an example of how
that should look).)
On Wed, Sep 30, 2020 at 11:33:15PM +0200, Jann Horn wrote:
> On Wed, Sep 30, 2020 at 11:21 PM Kees Cook <[email protected]> wrote:
> > On Wed, Sep 30, 2020 at 10:19:12AM -0500, YiFei Zhu wrote:
> > > From: Kees Cook <[email protected]>
> > >
> > > Provide seccomp internals with the details to calculate which syscall
> > > table the running kernel is expecting to deal with. This allows for
> > > efficient architecture pinning and paves the way for constant-action
> > > bitmaps.
> > >
> > > Signed-off-by: Kees Cook <[email protected]>
> > > [YiFei: Removed x32, added macro for nr_syscalls]
> > > Signed-off-by: YiFei Zhu <[email protected]>
> [...]
> > But otherwise, yes, looks good to me. For this patch, I think the S-o-b chain is probably more
> > accurately captured as:
> >
> > Signed-off-by: Kees Cook <[email protected]>
> > Co-developed-by: YiFei Zhu <[email protected]>
> > Signed-off-by: YiFei Zhu <[email protected]>
>
> (Technically, https://www.kernel.org/doc/html/latest/process/submitting-patches.html#when-to-use-acked-by-cc-and-co-developed-by
> says that "every Co-developed-by: must be immediately followed by a
> Signed-off-by: of the associated co-author" (and has an example of how
> that should look).)
Right, but it is not needed for the commit author (here, the From:);
the second example given in the docs shows this:
From: From Author <[email protected]>
<changelog>
Co-developed-by: Random Co-Author <[email protected]>
Signed-off-by: Random Co-Author <[email protected]>
Signed-off-by: From Author <[email protected]>
Co-developed-by: Submitting Co-Author <[email protected]>
Signed-off-by: Submitting Co-Author <[email protected]>
and there is no third co-developer, so it's:
From: From Author <[email protected]>
<changelog>
Signed-off-by: From Author <[email protected]>
Co-developed-by: Submitting Co-Author <[email protected]>
Signed-off-by: Submitting Co-Author <[email protected]>
If I'm the From, and YiFei Zhu is the submitting co-developer, then
it's:
From: Kees Cook <[email protected]>
<changelog>
Signed-off-by: Kees Cook <[email protected]>
Co-developed-by: YiFei Zhu <[email protected]>
Signed-off-by: YiFei Zhu <[email protected]>
which is what I suggested.
--
Kees Cook
On Thu, Oct 1, 2020 at 12:53 AM Kees Cook <[email protected]> wrote:
>
> On Wed, Sep 30, 2020 at 11:33:15PM +0200, Jann Horn wrote:
> > On Wed, Sep 30, 2020 at 11:21 PM Kees Cook <[email protected]> wrote:
> > > On Wed, Sep 30, 2020 at 10:19:12AM -0500, YiFei Zhu wrote:
> > > > From: Kees Cook <[email protected]>
> > > >
> > > > Provide seccomp internals with the details to calculate which syscall
> > > > table the running kernel is expecting to deal with. This allows for
> > > > efficient architecture pinning and paves the way for constant-action
> > > > bitmaps.
> > > >
> > > > Signed-off-by: Kees Cook <[email protected]>
> > > > [YiFei: Removed x32, added macro for nr_syscalls]
> > > > Signed-off-by: YiFei Zhu <[email protected]>
> > [...]
> > > But otherwise, yes, looks good to me. For this patch, I think the S-o-b chain is probably more
> > > accurately captured as:
> > >
> > > Signed-off-by: Kees Cook <[email protected]>
> > > Co-developed-by: YiFei Zhu <[email protected]>
> > > Signed-off-by: YiFei Zhu <[email protected]>
> >
> > (Technically, https://www.kernel.org/doc/html/latest/process/submitting-patches.html#when-to-use-acked-by-cc-and-co-developed-by
> > says that "every Co-developed-by: must be immediately followed by a
> > Signed-off-by: of the associated co-author" (and has an example of how
> > that should look).)
>
> Right, but it is not needed for the commit author (here, the From:),
> the second example given in the docs shows this:
Aah, right. Nevermind, sorry for the noise.