From: Kees Cook <keescook@chromium.org>
To: YiFei Zhu <zhuyifei1999@gmail.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>, Giuseppe Scrivano <gscrivan@redhat.com>, Valentin Rothberg <vrothber@redhat.com>, Jann Horn <jannh@google.com>, YiFei Zhu <yifeifz2@illinois.edu>, containers@lists.linux-foundation.org, Tobin Feldman-Fitzthum <tobin@ibm.com>, linux-kernel@vger.kernel.org, Andy Lutomirski <luto@amacapital.net>, Hubertus Franke <frankeh@us.ibm.com>, Jack Chen <jianyan2@illinois.edu>, Dimitrios Skarlatos <dskarlat@cs.cmu.edu>, Josep Torrellas <torrella@illinois.edu>, Will Drewry <wad@chromium.org>, bpf@vger.kernel.org, Tianyin Xu <tyxu@illinois.edu>
Subject: Re: [PATCH v2 seccomp 4/6] seccomp/cache: Lookup syscall allowlist for fast path
Date: Thu, 24 Sep 2020 16:46:06 -0700
Message-ID: <202009241640.7E3C54CF@keescook>
In-Reply-To: <64052a5b81d5dacd63efb577c1d99e6f98e69702.1600951211.git.yifeifz2@illinois.edu>

On Thu, Sep 24, 2020 at 07:44:19AM -0500, YiFei Zhu wrote:
> From: YiFei Zhu <yifeifz2@illinois.edu>
>
> The fast (common) path for seccomp should be that the filter permits
> the syscall to pass through, and failing seccomp is expected to be
> an exceptional case; it is not expected for userspace to call a
> denylisted syscall over and over.
>
> This first finds the current allow bitmask by iterating through
> syscall_arches[] array and comparing it to the one in struct
> seccomp_data; this loop is expected to be unrolled. It then
> does a test_bit against the bitmask. If the bit is set, then
> there is no need to run the full filter; it returns
> SECCOMP_RET_ALLOW immediately.
>
> Co-developed-by: Dimitrios Skarlatos <dskarlat@cs.cmu.edu>
> Signed-off-by: Dimitrios Skarlatos <dskarlat@cs.cmu.edu>
> Signed-off-by: YiFei Zhu <yifeifz2@illinois.edu>
> ---
> kernel/seccomp.c | 37 +++++++++++++++++++++++++++++++++++++
> 1 file changed, 37 insertions(+)
> > diff --git a/kernel/seccomp.c b/kernel/seccomp.c > index 20d33378a092..ac0266b6d18a 100644 > --- a/kernel/seccomp.c > +++ b/kernel/seccomp.c > @@ -167,6 +167,12 @@ static inline void seccomp_cache_inherit(struct seccomp_filter *sfilter, > const struct seccomp_filter *prev) > { > } > + > +static inline bool seccomp_cache_check(const struct seccomp_filter *sfilter, > + const struct seccomp_data *sd) > +{ > + return false; > +} > #endif /* CONFIG_SECCOMP_CACHE_NR_ONLY */ > > /** 
> @@ -321,6 +327,34 @@ static int seccomp_check_filter(struct sock_filter *filter, unsigned int flen) > return 0; > } > > +#ifdef CONFIG_SECCOMP_CACHE_NR_ONLY > +/** > + * seccomp_cache_check - lookup seccomp cache > + * @sfilter: The seccomp filter > + * @sd: The seccomp data to lookup the cache with > + * > + * Returns true if the seccomp_data is cached and allowed. > + */ > +static bool seccomp_cache_check(const struct seccomp_filter *sfilter, > + const struct seccomp_data *sd) > +{ > + int syscall_nr = sd->nr; > + int arch; > + > + if (unlikely(syscall_nr < 0 || syscall_nr >= NR_syscalls)) > + return false; This protects us from x32 (i.e. syscall_nr will have 0x40000000 bit set), but given the effort needed to support compat, I think supporting x32 isn't much more. (Though again, I note that NR_syscalls differs in size, so this test needs to be per-arch and obviously after arch-discovery.) That said, if it really does turn out that x32 is literally the only architecture doing these shenanigans (and I suspect not, given the MIPS case), okay, fine, I'll give in. :) You and Jann both seem to think this isn't worth it. > + > + for (arch = 0; arch < ARRAY_SIZE(syscall_arches); arch++) { > + if (likely(syscall_arches[arch] == sd->arch)) I think this linear search for the matching arch can be made O(1) (this is what I was trying to do in v1: we can map all possible combos to a distinct bitmap, so there is just math and lookup rather than a linear compare search. In the one-arch case, it can also be easily collapsed into a no-op (though my v1 didn't do this correctly). > + return test_bit(syscall_nr, > + sfilter->cache.syscall_ok[arch]); > + } > + > + WARN_ON_ONCE(true); > + return false; > +} > +#endif /* CONFIG_SECCOMP_CACHE_NR_ONLY */ > + > /** > * seccomp_run_filters - evaluates all seccomp filters against @sd > * @sd: optional seccomp data to be passed to filters 
> @@ -343,6 +377,9 @@ static u32 seccomp_run_filters(const struct seccomp_data *sd, > if (WARN_ON(f == NULL)) > return SECCOMP_RET_KILL_PROCESS; > > + if (seccomp_cache_check(f, sd)) > + return SECCOMP_RET_ALLOW; > + > /* > * All filters in the list are evaluated and the lowest BPF return > * value always takes priority (ignoring the DATA). > -- > 2.28.0 > -- Kees Cook _______________________________________________ Containers mailing list Containers@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/containers
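Review bot: in the second hunk (seccomp_cache_check), the range check `if (unlikely(syscall_nr < 0 || syscall_nr >= NR_syscalls))` runs before the arch loop, but the bitmap it guards, `sfilter->cache.syscall_ok[arch]`, is selected per arch; where a compat arch has a table size different from the native NR_syscalls, the upper bound should come from the matched entry, so move the check inside the `if (likely(syscall_arches[arch] == sd->arch))` branch and compare against that arch's own limit. The fail-safe direction is right as written: every early `return false` sends the call on to the full filter, so a cache miss can only cost time and never admits a syscall the filter would deny; keep that property when the check moves. The `WARN_ON_ONCE(true)` after the loop would also benefit from a comment saying it is reachable only if syscall_arches[] is incomplete, so a future arch addition is not debugged from a splat.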
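Review bot: in the third hunk, the fast path `if (seccomp_cache_check(f, sd))` consults only `f`, the head of the filter list, while the comment immediately below it states that every filter in the list is evaluated and the lowest return value wins; the two are equivalent only if seccomp_cache_inherit() (whose signature is visible in the first hunk's context) has already ANDed each ancestor's allow bitmap into the child's, and a one-line comment stating that invariant at the call site would spare the next reader that reasoning. Separately, the seccomp_run_filters() docstring shown in the second hunk's context describes `@sd` as optional, yet seccomp_cache_check() dereferences `sd->nr` and `sd->arch` unconditionally; either update the docstring to say `sd` is never NULL on this path or guard the call.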
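A user-space model of the lookup and inherit steps discussed in this thread, written as an added example rather than the kernel's or the patch's own code: it performs the syscall-number range check per arch after the arch match (the NR_syscalls point raised above) and ANDs the parent's bitmap into the child's, which is what makes consulting only the head filter on the fast path safe. The per-arch table sizes, the bit layout and the two-filter scenario are constructed assumptions; the audit arch ids are the values from <linux/audit.h>.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Audit arch ids as carried in seccomp_data.arch (values from <linux/audit.h>). */
#define AUDIT_ARCH_X86_64 0xc000003eU
#define AUDIT_ARCH_I386   0x40000003U
/* Constructed per-arch table sizes for this example; the real NR_syscalls values differ. */
#define NR_SYSCALLS_X86_64 448
#define NR_SYSCALLS_I386   440
#define BITS_PER_LONG      (sizeof(unsigned long) * CHAR_BIT)
#define BITMAP_WORDS       ((NR_SYSCALLS_X86_64 + BITS_PER_LONG - 1) / BITS_PER_LONG)

struct arch_info { uint32_t arch; int nr_syscalls; };
static const struct arch_info syscall_arches[] = {
	{ AUDIT_ARCH_X86_64, NR_SYSCALLS_X86_64 },
	{ AUDIT_ARCH_I386,   NR_SYSCALLS_I386   },
};
#define NR_ARCHES (sizeof(syscall_arches) / sizeof(syscall_arches[0]))

struct seccomp_data { int nr; uint32_t arch; };
struct seccomp_filter { unsigned long syscall_ok[NR_ARCHES][BITMAP_WORDS]; }; /* one bitmap per arch */

static bool cache_test_bit(int nr, const unsigned long *map)
{ return (map[nr / BITS_PER_LONG] >> (nr % BITS_PER_LONG)) & 1UL; }
static void cache_set_bit(int nr, unsigned long *map)
{ map[nr / BITS_PER_LONG] |= 1UL << (nr % BITS_PER_LONG); }

/* Fast path: match the arch first, then range-check against *that* arch's table size. */
bool seccomp_cache_check(const struct seccomp_filter *f, const struct seccomp_data *sd)
{
	for (size_t i = 0; i < NR_ARCHES; i++) {
		if (syscall_arches[i].arch != sd->arch)
			continue;
		if (sd->nr < 0 || sd->nr >= syscall_arches[i].nr_syscalls)
			return false;	/* out of range for this arch: run the full filter */
		return cache_test_bit(sd->nr, f->syscall_ok[i]);
	}
	return false;			/* unknown arch: never answer from the cache */
}

/* Inherit: a child may only cache-allow what every ancestor also cache-allows. */
void seccomp_cache_inherit(struct seccomp_filter *f, const struct seccomp_filter *prev)
{
	for (size_t i = 0; i < NR_ARCHES; i++)
		for (size_t w = 0; w < BITMAP_WORDS; w++)
			f->syscall_ok[i][w] &= prev->syscall_ok[i][w];
}

/* Constructed scenario: parent cache-allows nr 0, 1, 445; child (the head filter) 0, 2, 445. */
bool demo_fast_path(uint32_t arch, int nr)
{
	static const int parent_ok[] = { 0, 1, 445 }, child_ok[] = { 0, 2, 445 };
	struct seccomp_filter parent, child;
	struct seccomp_data sd = { .nr = nr, .arch = arch };

	memset(&parent, 0, sizeof(parent));
	memset(&child, 0, sizeof(child));
	for (size_t i = 0; i < NR_ARCHES; i++) {
		for (size_t j = 0; j < 3; j++) {
			cache_set_bit(parent_ok[j], parent.syscall_ok[i]);
			cache_set_bit(child_ok[j], child.syscall_ok[i]);
		}
	}
	seccomp_cache_inherit(&child, &parent);	/* ANDs the parent's bitmap into the child's */
	return seccomp_cache_check(&child, &sd);	/* only the head filter is consulted */
}
```

Syscall 445 is inside the constructed x86_64 table but past the constructed i386 one, so the same number hits the cache on one arch and falls back to the full filter on the other.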