From: YiFei Zhu <zhuyifei1999@gmail.com>
To: Tycho Andersen <tycho@tycho.pizza>
Cc: Andrea Arcangeli <aarcange@redhat.com>,
Giuseppe Scrivano <gscrivan@redhat.com>,
Will Drewry <wad@chromium.org>, Kees Cook <keescook@chromium.org>,
Jann Horn <jannh@google.com>, YiFei Zhu <yifeifz2@illinois.edu>,
linux-kernel@vger.kernel.org,
Linux Containers <containers@lists.linux-foundation.org>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Hubertus Franke <frankeh@us.ibm.com>,
Andy Lutomirski <luto@amacapital.net>,
Valentin Rothberg <vrothber@redhat.com>,
Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
Jack Chen <jianyan2@illinois.edu>,
Josep Torrellas <torrella@illinois.edu>,
bpf@vger.kernel.org, Tianyin Xu <tyxu@illinois.edu>
Subject: Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
Date: Mon, 21 Sep 2020 10:27:56 -0500 [thread overview]
Message-ID: <CABqSeASEw=Qr2CroKEpTyWMRXQkamKVUzXiEe2UsoQTCcv_99A@mail.gmail.com> (raw)
In-Reply-To: <20200921135115.GC3794348@cisco>
On Mon, Sep 21, 2020 at 8:51 AM Tycho Andersen <tycho@tycho.pizza> wrote:
> One problem with a kernel config setting is that it's for all tasks.
> While docker and systemd may make decsisions based on syscall number,
> other applications may have more nuanced filters, and this cache would
> yield incorrect results.
>
> You could work around this by making this a filter flag instead;
> filter authors would generally know whether their filter results can
> be cached and probably be motivated to opt in if their users are
> complaining about slow syscall execution.
>
> Tycho
Yielding incorrect results should not be possible. The purpose of the
"emulator" (for the lack of a better term) is to determine whether the
filter reads any syscall arguments. A read from a syscall argument
must go through the BPF_LD | BPF_ABS instruction, where the 32 bit
multiuse field "k" is an offset to struct seccomp_data.
struct seccomp_data contains four components [1]: syscall number,
architecture number, instruction pointer at the time of syscall, and
syscall arguments. The syscall number is enumerated by the emulator.
The arch number is treated by the cache as 'if arch number is
different from cached arch number, flush cache' (this is in
seccomp_cache_check). The last two (ip and args) are treated exactly
the same way in this patch: if the filter loads the arguments at all,
the syscall is marked non-cacheable for any architecture number.
The struct seccomp_data is the only external thing the filter may
access. It is also cBPF so it cannot contain maps to store special
states between runs. Therefore a seccomp filter is pure function. If
we know given some inputs (the syscall number and arch number) the
function will not evaluate any other inputs before returning, then we
can safely cache with just the inputs in concern.
As for the overhead, on my x86_64 with gcc 10.2.0, seccomp_cache_check
compiles into:
if (unlikely(syscall_nr < 0 || syscall_nr >= NR_syscalls))
return false;
0xffffffff8120fdb3 <+99>: movsxd rdx,DWORD PTR [r12]
0xffffffff8120fdb7 <+103>: cmp edx,0x1b7
0xffffffff8120fdbd <+109>: ja 0xffffffff8120fdf9 <__seccomp_filter+169>
if (unlikely(thread_data->last_filter != sfilter ||
thread_data->last_arch != sd->arch)) {
0xffffffff8120fdbf <+111>: mov rdi,QWORD PTR [rbp-0xb8]
0xffffffff8120fdc6 <+118>: lea rsi,[rax+0x6f0]
0xffffffff8120fdcd <+125>: cmp rdi,QWORD PTR [rax+0x728]
0xffffffff8120fdd4 <+132>: jne 0xffffffff812101f0 <__seccomp_filter+1184>
0xffffffff8120fdda <+138>: mov ebx,DWORD PTR [r12+0x4]
0xffffffff8120fddf <+143>: cmp DWORD PTR [rax+0x730],ebx
0xffffffff8120fde5 <+149>: jne 0xffffffff812101f0 <__seccomp_filter+1184>
return test_bit(syscall_nr, thread_data->syscall_ok);
0xffffffff8120fdeb <+155>: bt QWORD PTR [rax+0x6f0],rdx
0xffffffff8120fdf3 <+163>: jb 0xffffffff8120ffb7 <__seccomp_filter+615>
[... unlikely path of cache flush omitted]
and seccomp_cache_insert compiles into:
if (unlikely(syscall_nr < 0 || syscall_nr >= NR_syscalls))
return;
0xffffffff8121021b <+1227>: movsxd rax,DWORD PTR [r12]
0xffffffff8121021f <+1231>: cmp eax,0x1b7
0xffffffff81210224 <+1236>: ja 0xffffffff8120ffb7 <__seccomp_filter+615>
if (!test_bit(syscall_nr, sfilter->cache.syscall_ok))
return;
0xffffffff8121022a <+1242>: mov rbx,QWORD PTR [rbp-0xb8]
0xffffffff81210231 <+1249>: mov rdx,QWORD PTR gs:0x17000
0xffffffff8121023a <+1258>: bt QWORD PTR [rbx+0x108],rax
0xffffffff81210242 <+1266>: jae 0xffffffff8120ffb7 <__seccomp_filter+615>
set_bit(syscall_nr, thread_data->syscall_ok);
0xffffffff81210248 <+1272>: lock bts QWORD PTR [rdx+0x6f0],rax
0xffffffff81210251 <+1281>: jmp 0xffffffff8120ffb7 <__seccomp_filter+615>
In the circumstance of a non-cacheable syscall happening over and
over, the code path would go through the syscall_nr bound check, then
the filter flush check, then the test_bit, then another syscall_nr
bound check and one more test_bit in seccomp_cache_insert. Considering
that they are either stack variables, elements of current task_struct,
and elements of the filter struct, I imagine they would well be in the
CPU data cache and not incur much overhead. The CPU is also free to
branch predict and reorder memory accesses (there are no hardware
memory barriers here) to further increase the efficiency, whereas a
normal filter execution would be impaired by things like retpoline.
If one were to add an additional flag for
does-userspace-want-us-to-cache, it would still be a member of the
filter struct. What would be loaded into the CPU data cache originally
would still be loaded. Correct me if I'm wrong, but I don't think that
check will reduce any significant overhead of the seccomp cache
itself.
That said, I have not profiled the exact number of milliseconds this
patch would incur to uncacheable syscalls, I can report back with
numbers if you would like to see.
Does that answer your concern?
YiFei Zhu
[1] https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/seccomp.h#L60
_______________________________________________
Containers mailing list
Containers@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/containers
WARNING: multiple messages have this Message-ID (diff)
From: YiFei Zhu <zhuyifei1999@gmail.com>
To: Tycho Andersen <tycho@tycho.pizza>
Cc: Linux Containers <containers@lists.linux-foundation.org>,
Andrea Arcangeli <aarcange@redhat.com>,
Giuseppe Scrivano <gscrivan@redhat.com>,
Kees Cook <keescook@chromium.org>,
YiFei Zhu <yifeifz2@illinois.edu>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
Valentin Rothberg <vrothber@redhat.com>,
Hubertus Franke <frankeh@us.ibm.com>,
Jack Chen <jianyan2@illinois.edu>,
Josep Torrellas <torrella@illinois.edu>,
bpf@vger.kernel.org, Tianyin Xu <tyxu@illinois.edu>,
Andy Lutomirski <luto@amacapital.net>,
Will Drewry <wad@chromium.org>, Jann Horn <jannh@google.com>,
Aleksa Sarai <cyphar@cyphar.com>,
linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
Date: Mon, 21 Sep 2020 10:27:56 -0500 [thread overview]
Message-ID: <CABqSeASEw=Qr2CroKEpTyWMRXQkamKVUzXiEe2UsoQTCcv_99A@mail.gmail.com> (raw)
In-Reply-To: <20200921135115.GC3794348@cisco>
On Mon, Sep 21, 2020 at 8:51 AM Tycho Andersen <tycho@tycho.pizza> wrote:
> One problem with a kernel config setting is that it's for all tasks.
> While docker and systemd may make decsisions based on syscall number,
> other applications may have more nuanced filters, and this cache would
> yield incorrect results.
>
> You could work around this by making this a filter flag instead;
> filter authors would generally know whether their filter results can
> be cached and probably be motivated to opt in if their users are
> complaining about slow syscall execution.
>
> Tycho
Yielding incorrect results should not be possible. The purpose of the
"emulator" (for the lack of a better term) is to determine whether the
filter reads any syscall arguments. A read from a syscall argument
must go through the BPF_LD | BPF_ABS instruction, where the 32 bit
multiuse field "k" is an offset to struct seccomp_data.
struct seccomp_data contains four components [1]: syscall number,
architecture number, instruction pointer at the time of syscall, and
syscall arguments. The syscall number is enumerated by the emulator.
The arch number is treated by the cache as 'if arch number is
different from cached arch number, flush cache' (this is in
seccomp_cache_check). The last two (ip and args) are treated exactly
the same way in this patch: if the filter loads the arguments at all,
the syscall is marked non-cacheable for any architecture number.
The struct seccomp_data is the only external thing the filter may
access. It is also cBPF so it cannot contain maps to store special
states between runs. Therefore a seccomp filter is pure function. If
we know given some inputs (the syscall number and arch number) the
function will not evaluate any other inputs before returning, then we
can safely cache with just the inputs in concern.
As for the overhead, on my x86_64 with gcc 10.2.0, seccomp_cache_check
compiles into:
if (unlikely(syscall_nr < 0 || syscall_nr >= NR_syscalls))
return false;
0xffffffff8120fdb3 <+99>: movsxd rdx,DWORD PTR [r12]
0xffffffff8120fdb7 <+103>: cmp edx,0x1b7
0xffffffff8120fdbd <+109>: ja 0xffffffff8120fdf9 <__seccomp_filter+169>
if (unlikely(thread_data->last_filter != sfilter ||
thread_data->last_arch != sd->arch)) {
0xffffffff8120fdbf <+111>: mov rdi,QWORD PTR [rbp-0xb8]
0xffffffff8120fdc6 <+118>: lea rsi,[rax+0x6f0]
0xffffffff8120fdcd <+125>: cmp rdi,QWORD PTR [rax+0x728]
0xffffffff8120fdd4 <+132>: jne 0xffffffff812101f0 <__seccomp_filter+1184>
0xffffffff8120fdda <+138>: mov ebx,DWORD PTR [r12+0x4]
0xffffffff8120fddf <+143>: cmp DWORD PTR [rax+0x730],ebx
0xffffffff8120fde5 <+149>: jne 0xffffffff812101f0 <__seccomp_filter+1184>
return test_bit(syscall_nr, thread_data->syscall_ok);
0xffffffff8120fdeb <+155>: bt QWORD PTR [rax+0x6f0],rdx
0xffffffff8120fdf3 <+163>: jb 0xffffffff8120ffb7 <__seccomp_filter+615>
[... unlikely path of cache flush omitted]
and seccomp_cache_insert compiles into:
if (unlikely(syscall_nr < 0 || syscall_nr >= NR_syscalls))
return;
0xffffffff8121021b <+1227>: movsxd rax,DWORD PTR [r12]
0xffffffff8121021f <+1231>: cmp eax,0x1b7
0xffffffff81210224 <+1236>: ja 0xffffffff8120ffb7 <__seccomp_filter+615>
if (!test_bit(syscall_nr, sfilter->cache.syscall_ok))
return;
0xffffffff8121022a <+1242>: mov rbx,QWORD PTR [rbp-0xb8]
0xffffffff81210231 <+1249>: mov rdx,QWORD PTR gs:0x17000
0xffffffff8121023a <+1258>: bt QWORD PTR [rbx+0x108],rax
0xffffffff81210242 <+1266>: jae 0xffffffff8120ffb7 <__seccomp_filter+615>
set_bit(syscall_nr, thread_data->syscall_ok);
0xffffffff81210248 <+1272>: lock bts QWORD PTR [rdx+0x6f0],rax
0xffffffff81210251 <+1281>: jmp 0xffffffff8120ffb7 <__seccomp_filter+615>
In the circumstance of a non-cacheable syscall happening over and
over, the code path would go through the syscall_nr bound check, then
the filter flush check, then the test_bit, then another syscall_nr
bound check and one more test_bit in seccomp_cache_insert. Considering
that they are either stack variables, elements of current task_struct,
and elements of the filter struct, I imagine they would well be in the
CPU data cache and not incur much overhead. The CPU is also free to
branch predict and reorder memory accesses (there are no hardware
memory barriers here) to further increase the efficiency, whereas a
normal filter execution would be impaired by things like retpoline.
If one were to add an additional flag for
does-userspace-want-us-to-cache, it would still be a member of the
filter struct. What would be loaded into the CPU data cache originally
would still be loaded. Correct me if I'm wrong, but I don't think that
check will reduce any significant overhead of the seccomp cache
itself.
That said, I have not profiled the exact number of milliseconds this
patch would incur to uncacheable syscalls, I can report back with
numbers if you would like to see.
Does that answer your concern?
YiFei Zhu
[1] https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/seccomp.h#L60
next prev parent reply other threads:[~2020-09-21 15:28 UTC|newest]
Thread overview: 302+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-21 5:35 [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls YiFei Zhu
2020-09-21 5:35 ` YiFei Zhu
2020-09-21 5:35 ` [RFC PATCH seccomp 1/2] seccomp/cache: Add "emulator" to check if filter is arg-dependent YiFei Zhu
2020-09-21 5:35 ` YiFei Zhu
2020-09-21 17:47 ` Jann Horn via Containers
2020-09-21 17:47 ` Jann Horn
2020-09-21 18:38 ` Jann Horn via Containers
2020-09-21 18:38 ` Jann Horn
2020-09-21 23:44 ` YiFei Zhu
2020-09-21 23:44 ` YiFei Zhu
2020-09-22 0:25 ` Jann Horn via Containers
2020-09-22 0:25 ` Jann Horn
2020-09-22 0:47 ` YiFei Zhu
2020-09-22 0:47 ` YiFei Zhu
2020-09-21 5:35 ` [RFC PATCH seccomp 2/2] seccomp/cache: Cache filter results that allow syscalls YiFei Zhu
2020-09-21 5:35 ` YiFei Zhu
2020-09-21 18:08 ` Jann Horn via Containers
2020-09-21 18:08 ` Jann Horn
2020-09-21 22:50 ` YiFei Zhu
2020-09-21 22:50 ` YiFei Zhu
2020-09-21 22:57 ` Jann Horn via Containers
2020-09-21 22:57 ` Jann Horn
2020-09-21 23:08 ` YiFei Zhu
2020-09-21 23:08 ` YiFei Zhu
2020-09-25 0:01 ` [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array Kees Cook
2020-09-25 0:01 ` Kees Cook
2020-09-25 0:15 ` Jann Horn via Containers
2020-09-25 0:15 ` Jann Horn
2020-09-25 0:18 ` Al Viro
2020-09-25 0:18 ` Al Viro
2020-09-25 0:24 ` Jann Horn via Containers
2020-09-25 0:24 ` Jann Horn
2020-09-25 1:27 ` YiFei Zhu
2020-09-25 1:27 ` YiFei Zhu
2020-09-25 3:09 ` Kees Cook
2020-09-25 3:09 ` Kees Cook
2020-09-25 3:28 ` YiFei Zhu
2020-09-25 3:28 ` YiFei Zhu
2020-09-25 16:39 ` YiFei Zhu
2020-09-25 16:39 ` YiFei Zhu
2020-09-21 5:48 ` [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls Sargun Dhillon
2020-09-21 5:48 ` Sargun Dhillon
2020-09-21 7:13 ` YiFei Zhu
2020-09-21 7:13 ` YiFei Zhu
2020-09-21 8:30 ` Christian Brauner
2020-09-21 8:30 ` Christian Brauner
2020-09-21 8:44 ` YiFei Zhu
2020-09-21 8:44 ` YiFei Zhu
2020-09-21 13:51 ` Tycho Andersen
2020-09-21 13:51 ` Tycho Andersen
2020-09-21 15:27 ` YiFei Zhu [this message]
2020-09-21 15:27 ` YiFei Zhu
2020-09-21 16:39 ` Tycho Andersen
2020-09-21 16:39 ` Tycho Andersen
2020-09-21 22:57 ` YiFei Zhu
2020-09-21 22:57 ` YiFei Zhu
2020-09-21 19:16 ` Jann Horn via Containers
2020-09-21 19:16 ` Jann Horn
2020-09-21 19:35 ` Hubertus Franke
2020-09-21 19:45 ` Jann Horn via Containers
2020-09-21 19:45 ` Jann Horn
2020-09-23 19:26 ` Kees Cook
2020-09-23 19:26 ` Kees Cook
2020-09-23 22:54 ` YiFei Zhu
2020-09-23 22:54 ` YiFei Zhu
2020-09-24 6:52 ` Kees Cook
2020-09-24 6:52 ` Kees Cook
2020-09-24 12:06 ` [PATCH seccomp 0/6] " YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 1/6] seccomp: Move config option SECCOMP to arch/Kconfig YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 2/6] asm/syscall.h: Add syscall_arches[] array YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 4/6] seccomp/cache: Lookup syscall allowlist for fast path YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 5/6] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 0/6] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 1/6] seccomp: Move config option SECCOMP to arch/Kconfig YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 19:11 ` Kees Cook
2020-09-24 19:11 ` Kees Cook
2020-10-27 9:52 ` Geert Uytterhoeven
2020-10-27 9:52 ` Geert Uytterhoeven
2020-10-27 19:08 ` YiFei Zhu
2020-10-27 19:08 ` YiFei Zhu
2020-10-28 0:06 ` Kees Cook
2020-10-28 0:06 ` Kees Cook
2020-10-28 8:18 ` Geert Uytterhoeven
2020-10-28 8:18 ` Geert Uytterhoeven
2020-10-28 9:34 ` Jann Horn via Containers
2020-10-28 9:34 ` Jann Horn
2020-09-24 12:44 ` [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 13:47 ` David Laight
2020-09-24 13:47 ` David Laight
2020-09-24 14:16 ` YiFei Zhu
2020-09-24 14:16 ` YiFei Zhu
2020-09-24 14:20 ` David Laight
2020-09-24 14:20 ` David Laight
2020-09-24 14:37 ` YiFei Zhu
2020-09-24 14:37 ` YiFei Zhu
2020-09-24 16:02 ` YiFei Zhu
2020-09-24 16:02 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 23:25 ` Kees Cook
2020-09-24 23:25 ` Kees Cook
2020-09-25 3:04 ` YiFei Zhu
2020-09-25 3:04 ` YiFei Zhu
2020-09-25 16:45 ` YiFei Zhu
2020-09-25 16:45 ` YiFei Zhu
2020-09-25 19:42 ` Kees Cook
2020-09-25 19:42 ` Kees Cook
2020-09-25 19:51 ` Andy Lutomirski
2020-09-25 19:51 ` Andy Lutomirski
2020-09-25 20:37 ` Kees Cook
2020-09-25 20:37 ` Kees Cook
2020-09-25 21:07 ` Andy Lutomirski
2020-09-25 21:07 ` Andy Lutomirski
2020-09-25 23:49 ` Kees Cook
2020-09-25 23:49 ` Kees Cook
2020-09-26 0:34 ` Andy Lutomirski
2020-09-26 0:34 ` Andy Lutomirski
2020-09-26 1:23 ` YiFei Zhu
2020-09-26 1:23 ` YiFei Zhu
2020-09-26 2:47 ` Andy Lutomirski
2020-09-26 2:47 ` Andy Lutomirski
2020-09-26 4:35 ` Kees Cook
2020-09-26 4:35 ` Kees Cook
2020-09-24 12:44 ` [PATCH v2 seccomp 4/6] seccomp/cache: Lookup syscall allowlist for fast path YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 23:46 ` Kees Cook
2020-09-24 23:46 ` Kees Cook
2020-09-25 1:55 ` YiFei Zhu
2020-09-25 1:55 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 5/6] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 23:47 ` Kees Cook
2020-09-24 23:47 ` Kees Cook
2020-09-25 1:35 ` YiFei Zhu
2020-09-25 1:35 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 23:56 ` Kees Cook
2020-09-24 23:56 ` Kees Cook
2020-09-25 3:11 ` YiFei Zhu
2020-09-25 3:11 ` YiFei Zhu
2020-09-25 3:26 ` Kees Cook
2020-09-25 3:26 ` Kees Cook
2020-09-30 15:19 ` [PATCH v3 seccomp 0/5] seccomp: Add bitmap cache of constant allow filter results YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 15:19 ` [PATCH v3 seccomp 1/5] x86: Enable seccomp architecture tracking YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 21:21 ` Kees Cook
2020-09-30 21:21 ` Kees Cook
2020-09-30 21:33 ` Jann Horn via Containers
2020-09-30 21:33 ` Jann Horn
2020-09-30 22:53 ` Kees Cook
2020-09-30 22:53 ` Kees Cook
2020-09-30 23:15 ` Jann Horn via Containers
2020-09-30 23:15 ` Jann Horn
2020-09-30 15:19 ` [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 22:24 ` Jann Horn via Containers
2020-09-30 22:24 ` Jann Horn
2020-09-30 22:49 ` Kees Cook
2020-09-30 22:49 ` Kees Cook
2020-10-01 11:28 ` YiFei Zhu
2020-10-01 11:28 ` YiFei Zhu
2020-10-01 21:08 ` Jann Horn via Containers
2020-10-01 21:08 ` Jann Horn
2020-09-30 22:40 ` Kees Cook
2020-09-30 22:40 ` Kees Cook
2020-10-01 11:52 ` YiFei Zhu
2020-10-01 11:52 ` YiFei Zhu
2020-10-01 21:05 ` Kees Cook
2020-10-01 21:05 ` Kees Cook
2020-10-02 11:08 ` YiFei Zhu
2020-10-02 11:08 ` YiFei Zhu
2020-10-09 4:47 ` YiFei Zhu
2020-10-09 4:47 ` YiFei Zhu
2020-10-09 5:41 ` Kees Cook
2020-10-09 5:41 ` Kees Cook
2020-09-30 15:19 ` [PATCH v3 seccomp 3/5] seccomp/cache: Lookup syscall allowlist for fast path YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 21:32 ` Kees Cook
2020-09-30 21:32 ` Kees Cook
2020-10-09 0:17 ` YiFei Zhu
2020-10-09 0:17 ` YiFei Zhu
2020-10-09 5:35 ` Kees Cook
2020-10-09 5:35 ` Kees Cook
2020-09-30 15:19 ` [PATCH v3 seccomp 4/5] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 15:19 ` [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 22:00 ` Jann Horn via Containers
2020-09-30 22:00 ` Jann Horn
2020-09-30 23:12 ` Kees Cook
2020-09-30 23:12 ` Kees Cook
2020-10-01 12:06 ` YiFei Zhu
2020-10-01 12:06 ` YiFei Zhu
2020-10-01 16:05 ` Jann Horn via Containers
2020-10-01 16:05 ` Jann Horn
2020-10-01 16:18 ` YiFei Zhu
2020-10-01 16:18 ` YiFei Zhu
2020-09-30 22:59 ` Kees Cook
2020-09-30 22:59 ` Kees Cook
2020-09-30 23:08 ` Jann Horn via Containers
2020-09-30 23:08 ` Jann Horn
2020-09-30 23:21 ` Kees Cook
2020-09-30 23:21 ` Kees Cook
2020-10-09 17:14 ` [PATCH v4 seccomp 0/5] seccomp: Add bitmap cache of constant allow filter results YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 17:14 ` [PATCH v4 seccomp 1/5] seccomp/cache: Lookup syscall allowlist bitmap for fast path YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 21:30 ` Jann Horn via Containers
2020-10-09 21:30 ` Jann Horn
2020-10-09 23:18 ` Kees Cook
2020-10-09 23:18 ` Kees Cook
2020-10-09 17:14 ` [PATCH v4 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 21:30 ` Jann Horn via Containers
2020-10-09 21:30 ` Jann Horn
2020-10-09 22:47 ` Kees Cook
2020-10-09 22:47 ` Kees Cook
2020-10-09 17:14 ` [PATCH v4 seccomp 3/5] x86: Enable seccomp architecture tracking YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 17:25 ` Andy Lutomirski
2020-10-09 17:25 ` Andy Lutomirski
2020-10-09 18:32 ` YiFei Zhu
2020-10-09 18:32 ` YiFei Zhu
2020-10-09 20:59 ` Andy Lutomirski
2020-10-09 20:59 ` Andy Lutomirski
2020-10-09 17:14 ` [PATCH v4 seccomp 4/5] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 17:14 ` [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 21:24 ` kernel test robot
2020-10-09 21:24 ` kernel test robot
2020-10-09 21:24 ` kernel test robot
2020-10-09 21:45 ` Jann Horn via Containers
2020-10-09 21:45 ` Jann Horn
2020-10-09 23:14 ` Kees Cook
2020-10-09 23:14 ` Kees Cook
2020-10-10 13:26 ` YiFei Zhu
2020-10-10 13:26 ` YiFei Zhu
2020-10-12 22:57 ` Kees Cook
2020-10-12 22:57 ` Kees Cook
2020-10-13 0:31 ` YiFei Zhu
2020-10-13 0:31 ` YiFei Zhu
2020-10-22 20:52 ` YiFei Zhu
2020-10-22 20:52 ` YiFei Zhu
2020-10-22 22:32 ` Kees Cook
2020-10-22 22:32 ` Kees Cook
2020-10-22 23:40 ` YiFei Zhu
2020-10-22 23:40 ` YiFei Zhu
2020-10-24 2:51 ` Kees Cook
2020-10-24 2:51 ` Kees Cook
2020-10-30 12:18 ` YiFei Zhu
2020-10-30 12:18 ` YiFei Zhu
2020-11-03 13:00 ` YiFei Zhu
2020-11-03 13:00 ` YiFei Zhu
2020-11-04 0:29 ` Kees Cook
2020-11-04 0:29 ` Kees Cook
2020-11-04 11:40 ` YiFei Zhu
2020-11-04 11:40 ` YiFei Zhu
2020-11-04 18:57 ` Kees Cook
2020-11-04 18:57 ` Kees Cook
2020-10-11 15:47 ` [PATCH v5 seccomp 0/5]seccomp: Add bitmap cache of constant allow filter results YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-11 15:47 ` [PATCH v5 seccomp 1/5] seccomp/cache: Lookup syscall allowlist bitmap for fast path YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-12 6:42 ` Jann Horn via Containers
2020-10-12 6:42 ` Jann Horn
2020-10-11 15:47 ` [PATCH v5 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-12 6:46 ` Jann Horn via Containers
2020-10-12 6:46 ` Jann Horn
2020-10-11 15:47 ` [PATCH v5 seccomp 3/5] x86: Enable seccomp architecture tracking YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-11 15:47 ` [PATCH v5 seccomp 4/5] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-11 15:47 ` [PATCH v5 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-12 6:49 ` Jann Horn via Containers
2020-10-12 6:49 ` Jann Horn
2020-12-17 12:14 ` Geert Uytterhoeven
2020-12-17 12:14 ` Geert Uytterhoeven
2020-12-17 18:34 ` YiFei Zhu
2020-12-17 18:34 ` YiFei Zhu
2020-12-18 12:35 ` Geert Uytterhoeven
2020-12-18 12:35 ` Geert Uytterhoeven
2020-10-27 19:14 ` [PATCH v5 seccomp 0/5]seccomp: Add bitmap cache of constant allow filter results Kees Cook
2020-10-27 19:14 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CABqSeASEw=Qr2CroKEpTyWMRXQkamKVUzXiEe2UsoQTCcv_99A@mail.gmail.com' \
--to=zhuyifei1999@gmail.com \
--cc=aarcange@redhat.com \
--cc=bpf@vger.kernel.org \
--cc=containers@lists.linux-foundation.org \
--cc=dskarlat@cs.cmu.edu \
--cc=frankeh@us.ibm.com \
--cc=gscrivan@redhat.com \
--cc=jannh@google.com \
--cc=jianyan2@illinois.edu \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=tobin@ibm.com \
--cc=torrella@illinois.edu \
--cc=tycho@tycho.pizza \
--cc=tyxu@illinois.edu \
--cc=vrothber@redhat.com \
--cc=wad@chromium.org \
--cc=yifeifz2@illinois.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.