Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp552462pxk;
        Thu, 24 Sep 2020 12:02:15 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzZP8mV6bpNgbpIETTCcjafBPtPlb34UARPEhuRXu/My6Q4cmP6eLrev/KxgeR6aQs04kYt
X-Received: by 2002:a50:9b5e:: with SMTP id a30mr244920edj.49.1600974135623;
        Thu, 24 Sep 2020 12:02:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1600974135; cv=none;
        d=google.com; s=arc-20160816;
        b=ryN7N1tGE6swH3sQrE/VwdnWDS4MgT+Hrk2/8PHRNoY1dWFA6OT8C7w04K/cx0xrc1
         07Pjun7YslOM1zAuslUVpzFlJRmoxNmO8UF03mlANbB2DmKEHWqhnkGIGudANbC6dFsE
         Z/uwHeA8to948AfPcR6elgHrOzOPj1Z13Y4maD6Cc8mkjyG3On+YmF9Eh3Ci2ZXNgoMm
         hQDE/44m6drTSPQdbE0KNAItpWfl8nRoLXH6iyyMZkjgmIe38NAZuGMCRyUIP9sSKpFV
         KzNiUO8vWkyVT+bVzDCXwHbBwiExmQfb46TbL/MBIRAIYnIU+bdm9DcA3i4ig/IA3Zer
         +xuA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date
         :dkim-signature;
        bh=Axiq0yReIhbW6/4dmIx+opfMoBleK5yZs2UhwoE+Kvs=;
        b=MqcD8RFeP7KfXe8/xM4bEF0AK8OTSDD5Y9tZiV+gjXh26AHbdY95qScCDO8VfccLGl
         0c3a0vuLOjF55c0Wp+w2Xg2fDFd/NUirPLdw9J3Y/IwYqN0nXJM5CGK6tAGf783HNtya
         w2QUr974MnejqcvWl1fCGkCx26TTq91NxRPT0sSg80nOv/ood4pjOn32skrqbp8zuLSA
         Wk3SHApT1U3N3lzhoML5iCjmlfdiGcCKo7RI1aKhIf242LVLGHhiqGuQi2eTUH1rzrgc
         2WANhsZQaR8PZ5hTH+7Y+t/ispeFaivE/+LbRSgiZFoM98MAPs49UE96fyXLkfAxb0sD
         2bTg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=cLfXJQCa;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id s19si188626edx.480.2020.09.24.12.01.50;
        Thu, 24 Sep 2020 12:02:15 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=cLfXJQCa;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728736AbgIXS5P (ORCPT <rfc822;0330sisy@gmail.com> + 99 others);
        Thu, 24 Sep 2020 14:57:15 -0400
Received: from us-smtp-delivery-124.mimecast.com ([63.128.21.124]:54062 "EHLO
        us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1727992AbgIXS5P (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 24 Sep 2020 14:57:15 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1600973834;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=Axiq0yReIhbW6/4dmIx+opfMoBleK5yZs2UhwoE+Kvs=;
        b=cLfXJQCaCrZjmg8XGAXNgIcegjVWBRj5fDp52NwtL+qRJh3Bm/ll8z5P/Pk/gfcIKzivSX
        sIHPfQmslCB0TA74l9EHDMPJMu/82clK1qkHs8Xfr2/uqi/mBcdsErp2Ddmg5KCsL9++Pi
        dI8HlQHjrOMFTEIc+sMKYs8HpLhwTAQ=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-414-WVV_JMg6OJmaRNofl0ABnw-1; Thu, 24 Sep 2020 14:57:07 -0400
X-MC-Unique: WVV_JMg6OJmaRNofl0ABnw-1
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 8268E1868410;
        Thu, 24 Sep 2020 18:57:05 +0000 (UTC)
Received: from mail (ovpn-118-223.rdu2.redhat.com [10.10.118.223])
        by smtp.corp.redhat.com (Postfix) with ESMTPS id BDB1A73693;
        Thu, 24 Sep 2020 18:57:02 +0000 (UTC)
Date:   Thu, 24 Sep 2020 14:57:02 -0400
From:   Andrea Arcangeli <aarcange@redhat.com>
To:     Kees Cook <keescook@chromium.org>
Cc:     YiFei Zhu <yifeifz2@illinois.edu>, Jann Horn <jannh@google.com>,
        Christian Brauner <christian.brauner@ubuntu.com>,
        Tycho Andersen <tycho@tycho.pizza>,
        Andy Lutomirski <luto@amacapital.net>,
        Will Drewry <wad@chromium.org>,
        Giuseppe Scrivano <gscrivan@redhat.com>,
        Tobin Feldman-Fitzthum <tobin@ibm.com>,
        Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
        Valentin Rothberg <vrothber@redhat.com>,
        Hubertus Franke <frankeh@us.ibm.com>,
        Jack Chen <jianyan2@illinois.edu>,
        Josep Torrellas <torrella@illinois.edu>,
        Tianyin Xu <tyxu@illinois.edu>, bpf@vger.kernel.org,
        containers@lists.linux-foundation.org, linux-api@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
Message-ID: <20200924185702.GA9225@redhat.com>
References: <20200923232923.3142503-1-keescook@chromium.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20200923232923.3142503-1-keescook@chromium.org>
User-Agent: Mutt/1.14.7 (2020-08-29)
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hello,

I'm posting this only for the record, feel free to ignore.

On Wed, Sep 23, 2020 at 04:29:17PM -0700, Kees Cook wrote:
> rfc: https://lore.kernel.org/lkml/20200616074934.1600036-1-keescook@chromium.org/
> alternative: https://lore.kernel.org/containers/cover.1600661418.git.yifeifz2@illinois.edu/
> v1:
> - rebase to for-next/seccomp
> - finish X86_X32 support for both pinning and bitmaps

It's pretty clear the O(1) seccomp filter bitmap was first was
proposed by your RFC in June (albeit it was located in the wrong place
and is still in the wrong place in v1).

> - replace TLB magic with Jann's emulator
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    
That's a pretty fundamental change in v1 compared to your the
non-competing TLB magic technique you used in the RFC last June.

The bitmap isn't the clever part of the patch, the bitmap can be
reviewed in seconds, the difficult part to implement and to review is
how you fill the bitmap and in that respect there's absolutely nothing
in common in between the "rfc:" and the "alternative" link.

In June your bitmap-filling engine was this:

https://lore.kernel.org/lkml/20200616074934.1600036-5-keescook@chromium.org/

Then on Sep 21 YiFei Zhu posted his new innovative BPF emulation
innovation that obsoleted your TLB magic of June:

https://lists.linuxfoundation.org/pipermail/containers/2020-September/042153.html

And on Sep 23 instead of collaborating and helping YiFei Zhu to
improve his BPF emulator, you posted the same technique that looks
remarkably similar without giving YiFei Zhu any attribution and you
instead attribute the whole idea to Jann Horn:

https://lkml.kernel.org/r/20200923232923.3142503-5-keescook@chromium.org

Thanks,
Andrea