Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp2153853imm; Thu, 27 Sep 2018 08:14:15 -0700 (PDT) X-Google-Smtp-Source: ACcGV61Vd9Vj4eM0jKRmFAPMCLtDSFvoaZKmC01+ECx3DsMNJDo0logAG9rEEy539xmLSRqGq4JE X-Received: by 2002:a62:5950:: with SMTP id n77-v6mr7545648pfb.0.1538061255882; Thu, 27 Sep 2018 08:14:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538061255; cv=none; d=google.com; s=arc-20160816; b=AiNcuAvjEdQIpWHJFjrBeXq5/w6J+JkOor+UCTksgf4+B3b7XUtPsSKs8cz5ZDm8KK PMPpUH44afQdQ5S/sKeNtq8etqTqAyj4iuU+Nid+yBcbOEY/3vj1IQ38N+fb5gU/eOS/ IbYAlZLikGmkRCjT3CXsbNJMkzi6dduSUCO9AXrfa3WmfiQDOjc5EMocWicfcQ3esGOI yHZqJqAsJAUStQwSc/0LXJSulX/PB3HMiiCSY5JR2eo9gYt/JuwEL1bD9lYU6l/TMqbP H/rx1Ngw7OHvNpb7HxGmpFkMy1ZCw5qeerqY8hfVStf24rg+5JVruX4C9bhtDtNf+mUQ yoZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature; bh=Wr7KqnM3yUXoEWd/oMwrL5jRQqwTL//qNH8I4yPylHM=; b=myNZhuG/I05IBfXzgO89aJi38i4bBq2OtiYhEr7XinlwyWw7oVQ5fmqklJLga2ZJVm 8fFjZXOAFJddl/mmy5LUHvEPxUsE/aHeygfIZAe8fiKiTXo17cAxc8E5yM60pThMPpCk PSKBmibf0K8Zo/YklI8PtR28OnKxLE7MiTJqPMdsmterpryUPRJnq4xhn06H565qMZ1z jo0Ic0d7ZX8z1qHBu9x1ajBpLrtLQuoivlLY4hafJm4NPnQDhycnNYoJaelI229kOOhe jbRShLpMLTwfQ16kjXE8aMqKHUgX4cJDwsgRZCY7ckjXbPyHbBXkDrh+Vnf5JA7pGlpl GS8g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=v2O+6uWC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h20-v6si2155379pgh.573.2018.09.27.08.13.52; Thu, 27 Sep 2018 08:14:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=v2O+6uWC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727621AbeI0VaT (ORCPT + 99 others); Thu, 27 Sep 2018 17:30:19 -0400 Received: from mail-pg1-f195.google.com ([209.85.215.195]:37079 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727335AbeI0VaS (ORCPT ); Thu, 27 Sep 2018 17:30:18 -0400 Received: by mail-pg1-f195.google.com with SMTP id c10-v6so2193239pgq.4 for ; Thu, 27 Sep 2018 08:11:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho-ws.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id; bh=Wr7KqnM3yUXoEWd/oMwrL5jRQqwTL//qNH8I4yPylHM=; b=v2O+6uWCOEor1InB0/BazSECB/1dpQRrnCvGGAFN2B3PwcloxZ8+WDHli6Jw5Eoj2v 6NDY4lNygGMM52iWp2LvbYVm3vb03q6UnN1sHHRa95fE//tWQoCIUzz/kxeDCom0TT37 2g49ploiag3k6N0Fp51Coq4UQt6WYxhpwKs4a9vefYzZQgKIX4R2Ii14qiv9WZ8dPJwK fzt1pDX+9iI3IF1lMLY7E+5r/USdjQEXmAfXT2VpRcr+T91Hi9puBAGmonQfb7E3qcqU A2kiZwxZ9kNNoUeVZS8Yd2zHnOdrwgNlIV+Tabev38sH8OKlBAGTQVU4bJWqWdu5VKUi QyDA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=Wr7KqnM3yUXoEWd/oMwrL5jRQqwTL//qNH8I4yPylHM=; b=IsRwqm/rR17ohAalb/Ti9cwTIFVw8/PkP3YpZo4JPOKzsPAepvu4bqfJ9qNbpuvg8Z Bjkqha94kC8Utkb4s4q7WU0r7cy0NZnWXucFy4lleNBdlfcz8u7bdlyaCFsjFZzfr7QA F2uKA+QdedZK8ZpCJ2kwdGB/z1UJ2p1yUJD5g4oRzT0syXMaaRzEKeaQY95aRs1PNWj/ JUC9gU/kn42gG5QGnbhBcxb19AUBJYq1kdLtdufb73wJJ2ogHRodlMRuk0QXOPdpgXNW XhnGTe9kWsDyEHE+ZvI1Pz+TVvr5HSz5hbZicpyvnLQpU+nO8L/M1py2sjG17/3mfrlj WzsA== X-Gm-Message-State: ABuFfogyfLAOdSE7PluFGm6sDlgl6cTzaEaeeMOBA2PrOpaCYg5/p3Hy SX50Ck0xn0lntatQl45tLI87rg== X-Received: by 2002:a63:9c01:: with SMTP id f1-v6mr10049333pge.156.1538061095315; Thu, 27 Sep 2018 08:11:35 -0700 (PDT) Received: from localhost.localdomain ([128.107.241.178]) by smtp.gmail.com with ESMTPSA id y19-v6sm5429610pff.14.2018.09.27.08.11.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 27 Sep 2018 08:11:33 -0700 (PDT) From: Tycho Andersen To: Kees Cook Cc: linux-kernel@vger.kernel.org, containers@lists.linux-foundation.org, linux-api@vger.kernel.org, Andy Lutomirski , Oleg Nesterov , "Eric W . Biederman" , "Serge E . Hallyn" , Christian Brauner , Tyler Hicks , Akihiro Suda , Jann Horn , linux-fsdevel@vger.kernel.org, Tycho Andersen Subject: [PATCH v7 0/6] seccomp trap to userspace Date: Thu, 27 Sep 2018 09:11:13 -0600 Message-Id: <20180927151119.9989-1-tycho@tycho.ws> X-Mailer: git-send-email 2.17.1 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi all, Here's v7 of the seccomp trap to userspace set. There are various minor changes and bug fixes, but two major changes: * We now pass fds to the tracee via an ioctl, and do it immediately when the ioctl is called. For this we needed some help from the vfs, so I've put the one patch in this series and cc'd fsdevel. This does have the advantage that the feature is now totally decoupled from the rest of the set, which is itself useful (thanks Andy!) * Instead of putting all of the notification related stuff into the struct seccomp_filter, it now lives in its own struct notification, which is pointed to by struct seccomp_filter. This will save a lot of memory (thanks Tyler!) v6 discussion: https://lkml.org/lkml/2018/9/6/769 Thoughts welcome, Tycho Tycho Andersen (6): seccomp: add a return code to trap to userspace seccomp: make get_nth_filter available outside of CHECKPOINT_RESTORE seccomp: add a way to get a listener fd from ptrace files: add a replace_fd_files() function seccomp: add a way to pass FDs via a notification fd samples: add an example of seccomp user trap Documentation/ioctl/ioctl-number.txt | 1 + .../userspace-api/seccomp_filter.rst | 89 +++ fs/file.c | 22 +- include/linux/file.h | 8 + include/linux/seccomp.h | 14 +- include/uapi/linux/ptrace.h | 2 + include/uapi/linux/seccomp.h | 42 +- kernel/ptrace.c | 4 + kernel/seccomp.c | 527 ++++++++++++++- samples/seccomp/.gitignore | 1 + samples/seccomp/Makefile | 7 +- samples/seccomp/user-trap.c | 312 +++++++++ tools/testing/selftests/seccomp/seccomp_bpf.c | 607 +++++++++++++++++- 13 files changed, 1617 insertions(+), 19 deletions(-) create mode 100644 samples/seccomp/user-trap.c -- 2.17.1