linux-kernel.vger.kernel.org archive mirror
From: Thomas Gleixner <tglx@linutronix.de>
To: Gabriel Krisman Bertazi <krisman@collabora.com>
Cc: linux-kernel@vger.kernel.org,
	Gabriel Krisman Bertazi <krisman@collabora.com>,
	kernel@collabora.com, Linux API <linux-api@vger.kernel.org>,
	Michael Kerrisk <mtk.manpages@gmail.com>
Subject: Re: [PATCH RESEND] entry: Use different define for selector variable in SUD
Date: Fri, 05 Feb 2021 10:02:20 +0100
Message-ID: <87ft2aanvn.fsf@nanos.tec.linutronix.de>
In-Reply-To: <20210204184028.1516328-1-krisman@collabora.com>

Gabriel,

On Thu, Feb 04 2021 at 13:40, Gabriel Krisman Bertazi wrote:
> Michael Kerrisk suggested that, from an API perspective, it is a bad
> idea to share the PR_SYS_DISPATCH_ defines between the prctl operation
> and the selector variable.  Therefore, define two new constants to be
> used by SUD's selector variable, and the corresponding documentation.
>
> While this changes the API, it is backward compatible, as the values
> remained the same and the old defines are still in place.  In addition,
> SUD has never been part of a Linux release, it will show up for the
> first time in 5.11.

> --- a/include/uapi/linux/prctl.h
> +++ b/include/uapi/linux/prctl.h
> @@ -251,5 +251,7 @@ struct prctl_mm_map {
>  #define PR_SET_SYSCALL_USER_DISPATCH	59
>  # define PR_SYS_DISPATCH_OFF		0
>  # define PR_SYS_DISPATCH_ON		1
> +# define PR_SYS_DISPATCH_FILTER_ALLOW	0
> +# define PR_SYS_DISPATCH_FILTER_BLOCK	1
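
Review bot: The two added defines at the end of the hunk, PR_SYS_DISPATCH_FILTER_ALLOW and PR_SYS_DISPATCH_FILTER_BLOCK, carry no comment and repeat the values 0 and 1 of PR_SYS_DISPATCH_OFF/ON directly above them, so nothing in the header tells a reader which pair is a prctl() argument and which is written to the selector variable. Add a one-line comment above the new pair stating that they are selector values, and set them apart from the prctl() arguments with a blank line.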

This is still confusing because the defines are kinda associated with the
prctl(). But ALLOW/BLOCK are the values for the user space
selector which allows to runtime filter the dispatching without the
overhead of prctl().

So they want to be visually separated and not part of the PR_
namespace. Something like the below.

#define PR_SET_SYSCALL_USER_DISPATCH	59
# define PR_SYS_DISPATCH_OFF		0
# define PR_SYS_DISPATCH_ON		1

/* Control values for the syscall dispatch runtime selector (filter) */
# define SYSCALL_DISPATCH_FILTER_ALLOW	0
# define SYSCALL_DISPATCH_FILTER_BLOCK	1

Hmm?

Thanks,

        tglx
