From: Sargun Dhillon
To: Kees Cook, LKML, Linux Containers
Cc: Sargun Dhillon, Mauricio Vásquez Bernal, Rodrigo Campos, Tycho Andersen, Giuseppe Scrivano
Subject: [RFC PATCH 0/3] Seccomp non-preemptible notifier
Date: Sat, 20 Feb 2021 01:04:59 -0800
Message-Id: <20210220090502.7202-1-sargun@sargun.me>
X-Mailing-List: linux-kernel@vger.kernel.org

This patchset addresses a race condition we've dealt with recently with seccomp. Specifically programs interrupting syscalls while they're in progress. This was exacerbated by Golang's recent adoption of "async preemption", in which they try to interrupt any syscall that's been running for more than 10ms during GC. During certain syscalls, it's non-trivial to write them in a reentrant manner in userspace (mount).

This has a couple semantic changes, and relaxes a check on seccomp_data. I can deal with these, but this was a first cut. I also expect that the patch would be squashed down, but it's split out for easier review.

Sargun Dhillon (3):
  seccomp: Refactor notification handler to prepare for new semantics
  seccomp: Add wait_killable semantic to seccomp user notifier
  selftests/seccomp: Add test for wait killable notifier

 include/uapi/linux/seccomp.h                  | 10 +++
 kernel/seccomp.c                              | 63 +++++++++++++------
 tools/testing/selftests/seccomp/seccomp_bpf.c | 60 ++++++++++++++++++
 3 files changed, 114 insertions(+), 19 deletions(-)

-- 
2.25.1
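
The race described in the cover letter, as a simplified model added here (not code from the patch set or from the kernel): it counts how often a supervisor repeats a non-reentrant operation such as mount when a non-fatal signal interrupts the target's wait, compared with a wait that only fatal signals can end. All names, the 25 ms handler time and the signal count are assumptions; the 10 ms threshold is the figure quoted in the message.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model, not kernel code. Names and timings are assumptions. */
enum wait_mode { WAIT_INTERRUPTIBLE, WAIT_KILLABLE };

struct outcome {
    int notifications; /* notifications the supervisor received */
    int side_effects;  /* times the supervisor did the real work (e.g. mount) */
    int stale_replies; /* replies rejected because the notification was gone */
    int deferred;      /* signals held pending until the syscall returned */
};

/* handler_ms: time the supervisor needs to service one notification.
 * preempt_ms: a non-fatal signal is sent once the syscall blocks this long.
 * signals:    how many such signals the sender will deliver in total. */
struct outcome run_syscall(enum wait_mode mode, int handler_ms,
                           int preempt_ms, int signals)
{
    struct outcome o = {0, 0, 0, 0};

    for (;;) {
        bool hit = signals > 0 && handler_ms > preempt_ms;
        o.notifications++; /* target blocks, supervisor receives */
        o.side_effects++;  /* supervisor performs the operation */
        if (hit)
            signals--;
        if (hit && mode == WAIT_INTERRUPTIBLE) {
            /* The target left its wait to handle the signal: the reply finds
             * no notification and the restarted syscall raises a fresh one. */
            o.stale_replies++;
            continue;
        }
        if (hit)
            o.deferred++;  /* killable wait: the signal stays pending */
        return o;          /* reply accepted, syscall returns once */
    }
}

int main(void)
{
    struct outcome a = run_syscall(WAIT_INTERRUPTIBLE, 25, 10, 2);
    struct outcome b = run_syscall(WAIT_KILLABLE, 25, 10, 2);
    printf("interruptible: %d notifications, %d side effects, %d stale\n",
           a.notifications, a.side_effects, a.stale_replies);
    printf("killable: %d notification, %d side effect, %d deferred\n",
           b.notifications, b.side_effects, b.deferred);
    return 0;
}
```

In the interruptible case the supervisor sees the failure only when its reply is rejected, after the operation has already been carried out, which is why a handler for a call like mount has to be written to tolerate repeats.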