Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3545538pxk; Mon, 21 Sep 2020 17:22:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyzC8jjzW8lwiOdQIsnyf2SqXed+RzdE2gtcumA+Rou8XuHbMlYrYgnb9hNjl1b8We97MH/ X-Received: by 2002:aa7:d04d:: with SMTP id n13mr1493309edo.354.1600734168350; Mon, 21 Sep 2020 17:22:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600734168; cv=none; d=google.com; s=arc-20160816; b=UeT8BQxxXsRxQfymmnQwA26EDi2u4C1uFxrxp5yW8pSka7vPoirlAuO3RbvMrYOI1H l8vT4shlxSBQ6le6TF5f32Tw1u41g95RLhXmgjd5Zh5gTPehhw7QQfA0ztx8LoWDtQjA hekB+KIcDbgjfDHIE8aw3ZcMSyvgdV4qztlNVleStaGO01AQC/GxisDMirH4urF82tIC YMRyAoUFkKYEaIktzhxu7+nABEya2AtZi+loQc7mi7OHQWDUQT7L3SRMTelEGvBCJo5P /FoWut1H3I9DRzDd4Fj9gTG+SXyQqrDTdYpAeswG/ldEIXmw5xu+hV8QMjVNO7iUqd9L SWlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=mcI5ReI6UwbL3Y9VJsKxXjGv/OVvfXvskB57PaK2fIg=; b=LrtGteJGAkvdL2/UzpyXwFsChB7z9JG7lPL7ng1SlxzG8nMe7DuMUrz5j8OMYyME2h GR9ddm7azcQZ1+lR9DD+quotjP3nbY6lMB/I+2t0nhNPJt/8JbOLjByJh2a62aCuEp8Q mXEGRQkNctNMR3xwSApq/0T9X9UgjK2bquzis0+qsuvWSd2SCjcFWPgYN8Fn+lDSBgdo cXFGXFr1BcvRaimRm+mapgwonFOYNP0Lnm4HUEwGi66PIT9bm4bUwebih6uRTpkADsSX nArRN6hwUz9M91ZWEjAxl7zENusJbSYxR+GQN2D01CMU0299BCG9mcmkMkXIwLs3TtNs HovA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=W4l5lute; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a8si9218558ejv.661.2020.09.21.17.22.25; Mon, 21 Sep 2020 17:22:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=W4l5lute; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728743AbgIUW5z (ORCPT + 99 others); Mon, 21 Sep 2020 18:57:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35324 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728662AbgIUW5y (ORCPT ); Mon, 21 Sep 2020 18:57:54 -0400 Received: from mail-pf1-x443.google.com (mail-pf1-x443.google.com [IPv6:2607:f8b0:4864:20::443]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AFE9AC061755; Mon, 21 Sep 2020 15:57:54 -0700 (PDT) Received: by mail-pf1-x443.google.com with SMTP id n14so10610892pff.6; Mon, 21 Sep 2020 15:57:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mcI5ReI6UwbL3Y9VJsKxXjGv/OVvfXvskB57PaK2fIg=; b=W4l5lutecwZ6k8fboRiFxU1Hxvcgtrnw4cWWOU59OcbmJ7FVpQASAgTiMg+NRQBf4/ tbazCRYfVl6lEvWObHic3/v4bewoM3wo+QpDDwiCrFzI+K3hTSklL74Tza9nCmiz8ycw TRFTMwG8wrTzbGND2vTuSPj8hFZnyp2y/w2tnvfMbnbWpm8KdkdCWDp1ws+KJQaDvDyM 4LTgwDzrwy+DX5SAFuLftsDAQxlkV5e0XM99+Z/qbnmwt7W77anx7EPdzBTWYLqUsy/Q SQatbhz1BXbbf7xsBwgcG0nimBTsIEdOJfkFrOu8c0gvQN5LY1XtgD43Xz+qF9sPe7HP Zmsg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mcI5ReI6UwbL3Y9VJsKxXjGv/OVvfXvskB57PaK2fIg=; b=AafV75x61GI706GhGi9uTxO5Gc7xAkXTPxOTHDa3hQn1OHcjLw6MWFekg7z53NcX+j 9Ct2o9QLV4JthGU5F4hTVw4cT28YX44ezVGWAHOgqheq3FMHrrZejtEh4/Y0PNex+w5k Faz9lYido9mfYuYjBEk8GJCo2ghGNICgp6MVPdxxuj2axyngWDoxUDi3WxWgPi8IywBT sdrKS6YhOmaThaETyGgC49mXUNZiOSg/pRvgJMFSqDMTlrqrGza5bKsjTdh5HGjCkHvH hgVJ6EWdyW+V8t8ZS8usrin0jpLvjzTtdDd9eWUSJ0ttEAoCsugHw7O1RdUA5B2R5vNY rClA== X-Gm-Message-State: AOAM5322MSc3iVwtYHll4YY20+S76iEwBgLncfCyL60Yt/MdAOw+c7Ql E9Gz7J/PiH+3iFFP/EBUW+PFlLigHaLFT3bl8C8= X-Received: by 2002:a63:5043:: with SMTP id q3mr1315846pgl.293.1600729074167; Mon, 21 Sep 2020 15:57:54 -0700 (PDT) MIME-Version: 1.0 References: <20200921135115.GC3794348@cisco> <20200921163916.GE3794348@cisco> In-Reply-To: <20200921163916.GE3794348@cisco> From: YiFei Zhu Date: Mon, 21 Sep 2020 17:57:43 -0500 Message-ID: Subject: Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls To: Tycho Andersen Cc: Linux Containers , Andrea Arcangeli , Giuseppe Scrivano , Kees Cook , YiFei Zhu , Tobin Feldman-Fitzthum , Dimitrios Skarlatos , Valentin Rothberg , Hubertus Franke , Jack Chen , Josep Torrellas , bpf , Tianyin Xu , Andy Lutomirski , Will Drewry , Jann Horn , Aleksa Sarai , kernel list Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Sep 21, 2020 at 11:39 AM Tycho Andersen wrote: > I see, I missed this somehow. So is there a reason to hide this behind > a config option? Isn't it just always better? > > Tycho You have a good point, though, I think keeping a config would allow people to "test the differences" in the unlikely case that some issue occurs. Jann pointed that it should be on by default so I'll do that. YiFei Zhu