Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp1496780pxb; Sat, 17 Apr 2021 20:57:55 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzQLQZUJPrbZLwzTr8SIJGSk7AQEVqka5hCt2s2Z1fXeiGhuaslkWdRUK4bZlw7paG1iADJ X-Received: by 2002:a17:906:6a15:: with SMTP id o21mr15442741ejr.40.1618718275160; Sat, 17 Apr 2021 20:57:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618718275; cv=none; d=google.com; s=arc-20160816; b=uYc32gnods6gfJj2Czjp9B/NPzfJ70OnfMvuu4qCaxRRSM57qjJkMZKER2vc67lc7k 0xSyBdeQ+4WD7nXbx+896+u51VCd1uYlb8SAfehELYN1o75zp4F+fRVDF7Rsqq2ztZ5A 1wUcWfYyjhYWjycEWSvY3+TTwrP3h+W5sEZxMWBOH/MgFGnhax+FJ1xt6xQpGdyUYTGy SEkQtYCnC+L71ULVjT6wSimrdnkL8/kFuiiTyQB4hsKJ/9TaSK7NSFpK1aLJfL9y5PsB P4pBgrEQVsh7nik+eA48Idp3O31JSGrRd/tkzb2uw7JGDauD5bA8saiRz/vs4imU8IoX m2Dg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=fnUcXf5ZAUj++fa/tjrDH3s8xVGjfeHzzCb0lbTD9kA=; b=nS+DdzGMJRLkQgvZFOIXT1jt0k5yXbXHaTzlVm7fXF7eBPt0ylJ12gEqGnE5a9POmk pwGcKnHd9xREDCzmsbzKh6JJ4N6dmsZ+gML99dUAoMoT7VC4exZpxFtuLmHcpkg4wn1J zT+7uZeln/iDmx35FIU9Vf0V0h5iQxu0lRhTO2Eq1MEB8cpu3K+NoBaSatgEmaJrGh2u WeSsmRKB618GZVRzrJfmm2WaIWso9eWO3truG6iHJLnnJ+OwWpIRB+tBIdH9bOPr5YTN vGqVygjN3v5bQqqleV+0I+sIjo/Sl3OFTYRkZmbSbg27tKlsJJYwq1vYGrYz97Rn2qel RrtA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@joelfernandes.org header.s=google header.b=IC7ovzKo; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j21si8381922ejx.157.2021.04.17.20.57.21; Sat, 17 Apr 2021 20:57:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@joelfernandes.org header.s=google header.b=IC7ovzKo; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236815AbhDRDxp (ORCPT + 99 others); Sat, 17 Apr 2021 23:53:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49942 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229870AbhDRDxm (ORCPT ); Sat, 17 Apr 2021 23:53:42 -0400 Received: from mail-qt1-x834.google.com (mail-qt1-x834.google.com [IPv6:2607:f8b0:4864:20::834]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B94B0C06174A for ; Sat, 17 Apr 2021 20:52:27 -0700 (PDT) Received: by mail-qt1-x834.google.com with SMTP id z25so1112341qtn.8 for ; Sat, 17 Apr 2021 20:52:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelfernandes.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=fnUcXf5ZAUj++fa/tjrDH3s8xVGjfeHzzCb0lbTD9kA=; b=IC7ovzKoqs0GmZyy+hRoPrOxIbIdAl+zA9V6KpxK9PMinRVQDYEP3TLFFWfWQiSnEU 1guXDfoh0OQyXxXZW1znK8O/tpgSoaCI6vK86SW339n4bkKJ+3Quy7dP/Ua7rF9+n7nL KHhTyHxa2kQLbhGR7JdxdDBs2hdEV/sqsA6eU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=fnUcXf5ZAUj++fa/tjrDH3s8xVGjfeHzzCb0lbTD9kA=; b=fPGrnV5eJajT0lpJEKuObenEoNLIlATOFWzquSE/YJxjaCWn+stO76O2dVXo8wwj6c Jrb+XlQEy4de+LcPuwsrP8qo1K7/nicTwjRNjvy8sKRbtoRdBzOPecAspishRbzPbFET 5N7PDAx0O/IhTb8BRISrBwwp5nDxXGMA9HB9faZsvJHzQaiPGfeJREyk+o0SoZOov7uZ eX7yx/E3WzEE4h9e8NoECEthhRGAciOPfkMRY6p4pIUsPdKhgBQRYZq+cZ8T0j0TUECa 0ebqMeJRjpvVMUNU84rD/8F8+jErt2asl3lfxGOToO53QiN9RjO/h6KMsDl+fbBPh8cI GNlw== X-Gm-Message-State: AOAM5336lUkiDpdQ3+wBUvfUalJ2OA3UFnl22IPlI7wBJCACvvX+8H1Z RMkbSBdqUq2IxmXTe41puQXY8w== X-Received: by 2002:a05:622a:1354:: with SMTP id w20mr3861742qtk.223.1618717946918; Sat, 17 Apr 2021 20:52:26 -0700 (PDT) Received: from localhost ([2620:15c:6:411:5970:b016:6052:152]) by smtp.gmail.com with ESMTPSA id x4sm7121857qkp.78.2021.04.17.20.52.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 17 Apr 2021 20:52:26 -0700 (PDT) Date: Sat, 17 Apr 2021 23:52:25 -0400 From: Joel Fernandes To: Peter Zijlstra Cc: chris.hyser@oracle.com, joshdon@google.com, mingo@kernel.org, vincent.guittot@linaro.org, valentin.schneider@arm.com, mgorman@suse.de, linux-kernel@vger.kernel.org, tj@kernel.org, tglx@linutronix.de Subject: Re: [PATCH 5/9] sched: prctl() core-scheduling interface Message-ID: References: <20210401131012.395311786@infradead.org> <20210401133917.350276562@infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 07, 2021 at 07:00:33PM +0200, Peter Zijlstra wrote: > On Thu, Apr 01, 2021 at 03:10:17PM +0200, Peter Zijlstra wrote: > > > Current hard-coded policies are: > > > > - a user can clear the cookie of any process they can set a cookie for. > > Lack of a cookie *might* be a security issue if cookies are being used > > for that. > > ChromeOS people, what are you doing about this? syscall/prctl filtering? Yes, in ChromeOS, we allow the prctl(2) syscall only before entering the seccomp sandbox. Once we enter the sandbox, we do not allow the prctl(2). This has the nice design that the security is enforced on entering the sandbox, and prior to entering the sandbox, no permissions need be given. Let me know if that makes sense and if you had any other questions. thanks, -Joel