From: Andy Lutomirski
Date: Fri, 9 Oct 2020 10:25:00 -0700
Subject: Re: [PATCH v4 seccomp 3/5] x86: Enable seccomp architecture tracking
To: YiFei Zhu
Cc: Linux Containers, YiFei Zhu, bpf, LKML, Aleksa Sarai, Andrea Arcangeli, David Laight, Dimitrios Skarlatos, Giuseppe Scrivano, Hubertus Franke, Jack Chen, Jann Horn, Josep Torrellas, Kees Cook, Tianyin Xu, Tobin Feldman-Fitzthum, Tycho Andersen, Valentin Rothberg, Will Drewry
In-Reply-To: <122e3e70cf775e461ebdfadb5fbb4b6813cca3dd.1602263422.git.yifeifz2@illinois.edu>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Oct 9, 2020 at 10:15 AM YiFei Zhu wrote:
>
> From: Kees Cook
>
> Provide seccomp internals with the details to calculate which syscall
> table the running kernel is expecting to deal with. This allows for
> efficient architecture pinning and paves the way for constant-action
> bitmaps.
>
> Signed-off-by: Kees Cook
> Co-developed-by: YiFei Zhu
> Signed-off-by: YiFei Zhu
> ---
>  arch/x86/include/asm/seccomp.h | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> > diff --git a/arch/x86/include/asm/seccomp.h b/arch/x86/include/asm/seccomp.h > index 2bd1338de236..03365af6165d 100644 > --- a/arch/x86/include/asm/seccomp.h > +++ b/arch/x86/include/asm/seccomp.h > @@ -16,6 +16,18 @@ > #define __NR_seccomp_sigreturn_32 __NR_ia32_sigreturn > #endif > > +#ifdef CONFIG_X86_64 > +# define SECCOMP_ARCH_NATIVE AUDIT_ARCH_X86_64 > +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls > +# ifdef CONFIG_COMPAT > +# define SECCOMP_ARCH_COMPAT AUDIT_ARCH_I386 > +# define SECCOMP_ARCH_COMPAT_NR IA32_NR_syscalls > +# endif > +#else /* !CONFIG_X86_64 */ > +# define SECCOMP_ARCH_NATIVE AUDIT_ARCH_I386 > +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls > +#endif Is the idea that any syscall that's out of range for this (e.g. all of the x32 syscalls) is unoptimized? I'm okay with this, but I think it could use a comment. > + > #include > > #endif /* _ASM_X86_SECCOMP_H */ > -- > 2.28.0 > -- Andy Lutomirski AMA Capital Management, LLC
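Review bot: The new definitions expand to AUDIT_ARCH_X86_64 and AUDIT_ARCH_I386, but the hunk adds no include that provides those values, so they resolve only when the consumer has already pulled in linux/audit.h; either include it from this header or state in a comment that asm/seccomp.h expects it, so the dependency is explicit rather than on include order. The table bounds also deserve a short comment above `+#ifdef CONFIG_X86_64` saying that any number at or above SECCOMP_ARCH_NATIVE_NR (every x32 number, which reports AUDIT_ARCH_X86_64 with __X32_SYSCALL_BIT set) is outside the tracked range and is left to the normal filter path, since nothing in the macros themselves conveys that contract to the seccomp core.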
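As an added illustration of what these four macros are for, and not code from the patch or from the kernel: the user-space model below shows how a seccomp core could use SECCOMP_ARCH_NATIVE/_NR and SECCOMP_ARCH_COMPAT/_NR to pick a per-arch constant-action bitmap and to decide which (arch, nr) pairs are cacheable at all. It answers the question raised above by treating any number at or above the table bound, which is where every x32 number lands because of __X32_SYSCALL_BIT, as out of range and therefore always routed to the filter. The AUDIT_ARCH_* and __X32_SYSCALL_BIT constants mirror the kernel's uapi values; the table sizes, the `arch_cache` structure, the `cache_*` functions and the probe numbers are assumptions constructed for this example.

```c
/* Added example, not code from the patch or the kernel: a user-space model of
 * per-arch constant-action bitmaps driven by the patch's macros. AUDIT_ARCH_*
 * and __X32_SYSCALL_BIT mirror the kernel's uapi values; table sizes, types,
 * function names and probe values are constructed for this example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#ifndef AUDIT_ARCH_X86_64
#define AUDIT_ARCH_X86_64 0xc000003eu  /* EM_X86_64 | __AUDIT_ARCH_64BIT | __AUDIT_ARCH_LE */
#endif
#ifndef AUDIT_ARCH_I386
#define AUDIT_ARCH_I386 0x40000003u    /* EM_386 | __AUDIT_ARCH_LE */
#endif
#ifndef __X32_SYSCALL_BIT
#define __X32_SYSCALL_BIT 0x40000000u  /* every x32 syscall number has this bit set */
#endif

/* Stand-ins for the patch's macros on a CONFIG_X86_64 + CONFIG_COMPAT build.
 * The _NR sizes are constructed sample values, not NR_syscalls / IA32_NR_syscalls. */
#define SECCOMP_ARCH_NATIVE    AUDIT_ARCH_X86_64
#define SECCOMP_ARCH_NATIVE_NR 16u
#define SECCOMP_ARCH_COMPAT    AUDIT_ARCH_I386
#define SECCOMP_ARCH_COMPAT_NR 8u

/* One bitmap per tracked arch: bit nr set means "every filter in the task's
 * stack returns ALLOW for nr on this arch, so the filter need not run". */
struct arch_cache {
    uint32_t arch;       /* AUDIT_ARCH_* value this table covers */
    uint32_t nr_max;     /* SECCOMP_ARCH_*_NR: numbers >= nr_max are untracked */
    uint64_t allow_bits; /* 64 bits suffice for the sample sizes above */
};

enum cache_result {
    CACHE_ALLOW,        /* bit set: the filter can be skipped */
    CACHE_RUN_FILTER,   /* tracked nr, not proven always-allow */
    CACHE_OUT_OF_RANGE, /* tracked arch but nr >= nr_max (e.g. any x32 number) */
    CACHE_UNKNOWN_ARCH  /* no table for this arch at all */
};

/* Tables laid out the way the macros describe them (constructed instance). */
struct arch_cache sample_caches[] = {
    { SECCOMP_ARCH_NATIVE, SECCOMP_ARCH_NATIVE_NR, 0 },
    { SECCOMP_ARCH_COMPAT, SECCOMP_ARCH_COMPAT_NR, 0 },
};
const size_t sample_cache_count = sizeof(sample_caches) / sizeof(sample_caches[0]);

static struct arch_cache *cache_for_arch(struct arch_cache *caches, size_t n, uint32_t arch)
{
    for (size_t i = 0; i < n; i++)
        if (caches[i].arch == arch)
            return &caches[i];
    return NULL;
}

/* Record that nr is always allowed on arch. Returns false and records nothing
 * when nr is outside the tracked range; x32 numbers land here because
 * __X32_SYSCALL_BIT puts them far above SECCOMP_ARCH_NATIVE_NR even though
 * they report AUDIT_ARCH_X86_64. */
bool cache_mark_allow(struct arch_cache *caches, size_t n, uint32_t arch, uint32_t nr)
{
    struct arch_cache *c = cache_for_arch(caches, n, arch);

    if (!c || nr >= c->nr_max)
        return false;
    c->allow_bits |= (uint64_t)1 << nr;
    return true;
}

/* The syscall-entry fast path: only CACHE_ALLOW lets the filter be skipped;
 * every other result means the BPF filter runs as before. */
enum cache_result cache_lookup(struct arch_cache *caches, size_t n, uint32_t arch, uint32_t nr)
{
    const struct arch_cache *c = cache_for_arch(caches, n, arch);

    if (!c)
        return CACHE_UNKNOWN_ARCH;
    if (nr >= c->nr_max)
        return CACHE_OUT_OF_RANGE;
    return ((c->allow_bits >> nr) & 1) ? CACHE_ALLOW : CACHE_RUN_FILTER;
}

int main(void)
{
    static const char *names[] = { "ALLOW (cached)", "RUN_FILTER", "OUT_OF_RANGE", "UNKNOWN_ARCH" };
    /* Constructed scenario: nr 0 proven allow natively, nr 3 proven allow for compat. */
    cache_mark_allow(sample_caches, sample_cache_count, AUDIT_ARCH_X86_64, 0);
    cache_mark_allow(sample_caches, sample_cache_count, AUDIT_ARCH_I386, 3);

    const struct { uint32_t arch, nr; } probes[] = {
        { AUDIT_ARCH_X86_64, 0 },                     /* cached allow */
        { AUDIT_ARCH_X86_64, 1 },                     /* tracked, filter runs */
        { AUDIT_ARCH_X86_64, 0 | __X32_SYSCALL_BIT }, /* x32: out of range, filter runs */
        { AUDIT_ARCH_I386, 3 },                       /* compat cached allow */
        { AUDIT_ARCH_I386, 8 },                       /* == COMPAT_NR: out of range */
        { 0x12345678u, 0 },                           /* constructed untracked arch value */
    };
    for (size_t i = 0; i < sizeof(probes) / sizeof(probes[0]); i++)
        printf("arch=0x%08x nr=0x%08x -> %s\n", probes[i].arch, probes[i].nr,
               names[cache_lookup(sample_caches, sample_cache_count, probes[i].arch, probes[i].nr)]);
    return 0;
}
```

The design point the model makes explicit is that the bound check comes before the bitmap read, so a syscall number the tables were never sized for can neither set nor read a stray bit; the cost is that such numbers (all of x32, in the real layout) never benefit from the cache and always pay for the filter run, which is the behaviour the question above asks to have documented.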