On Wed, Nov 27, 2024 at 02:25:29PM +, Mark Brown wrote:
> On Wed, Oct 30, 2024 at 02:37:32PM -0600, Tycho Andersen wrote:
> > From: Tycho Andersen
> >
> > In the previous patch we've defined a couple behaviors:
> >
> > 1. execveat(fd, AT_EMPTY_PATH,
From: Tycho Andersen
In the previous patch we've defined a couple behaviors:
1. execveat(fd, AT_EMPTY_PATH, {"foo"}, ...) should render argv[0] as
/proc/pid/comm
2. execveat(fd, AT_EMPTY_PATH, {NULL}, ...) should keep the old behavior of
rendering the fd as /proc/pid/comm
From: Tycho Andersen
Zbigniew mentioned at Linux Plumber's that systemd is interested in
switching to execveat() for service execution, but can't, because the
contents of /proc/pid/comm are the file descriptor which was used,
instead of the path to the binary. This makes the output of
On Wed, Oct 02, 2024 at 01:45:15PM +, Zbigniew Jędrzejewski-Szmek wrote:
> On Tue, Oct 01, 2024 at 08:42:56PM +0200, Aleksa Sarai wrote:
> > On 2024-10-01, Tycho Andersen wrote:
> > > From: Tycho Andersen
> > >
> > > Zbigniew mentioned at Linux Plu
From: Tycho Andersen
We want to ensure that /proc/self/comm stays useful for execveat() callers.
Signed-off-by: Tycho Andersen
---
tools/testing/selftests/exec/execveat.c | 25 +
1 file changed, 25 insertions(+)
diff --git a/tools/testing/selftests/exec/execveat.c
b
From: Tycho Andersen
Zbigniew mentioned at Linux Plumber's that systemd is interested in
switching to execveat() for service execution, but can't, because the
contents of /proc/pid/comm are the file descriptor which was used,
instead of the path to the binary. This makes the output of
On Mon, Sep 30, 2024 at 03:10:29PM -0500, Eric W. Biederman wrote:
> "Eric W. Biederman" writes:
>
> > Kees Cook writes:
>
> >> I'm not super comfortable doing this regardless of bprm->fdpath; that
> >> seems like too many cases getting changed. Can we just leave it as
> >> depending on bprm->f
From: Tycho Andersen
We want to ensure that /proc/self/comm stays useful for execveat() callers.
Signed-off-by: Tycho Andersen
---
tools/testing/selftests/exec/execveat.c | 25 +
1 file changed, 25 insertions(+)
diff --git a/tools/testing/selftests/exec/execveat.c
b
From: Tycho Andersen
Zbigniew mentioned at Linux Plumber's that systemd is interested in
switching to execveat() for service execution, but can't, because the
contents of /proc/pid/comm are the file descriptor which was used,
instead of the path to the binary. This makes the output of
On Wed, Dec 23, 2020 at 06:54:43PM -0800, Palmer Dabbelt wrote:
> On Wed, 23 Dec 2020 00:24:04 PST (-0800), Christoph Hellwig wrote:
> > On Tue, Dec 22, 2020 at 09:22:19AM -0700, Tycho Andersen wrote:
> > > On Mon, Dec 21, 2020 at 11:52:00PM +0100, Andreas Schwab wrote:
>
yscall, since it should do the rejection directly in
handle_syscall_trace_enter(), which is called above this hunk. So it
seems good to me.
Reviewed-by: Tycho Andersen
On Tue, Dec 01, 2020 at 01:08:25PM +, Sargun Dhillon wrote:
> On Tue, Dec 01, 2020 at 07:41:05AM -0500, Tycho Andersen wrote:
> > On Mon, Nov 30, 2020 at 06:20:09PM -0500, Tycho Andersen wrote:
> > > Idea 1 sounds best to me, but maybe that's because it's the way I
On Mon, Nov 30, 2020 at 06:20:09PM -0500, Tycho Andersen wrote:
> Idea 1 sounds best to me, but maybe that's because it's the way I
> originally did the fd support that never landed :)
>
> But here's an Idea 4: we add a way to remotely close an fd (I don't
> see
Hi,
On Thu, Nov 26, 2020 at 02:09:33PM +0100, Alban Crequy wrote:
> Hi,
>
> With the addfd feature (added in “seccomp: Introduce addfd ioctl to
> seccomp user notifier”, commit 7cf97b125455), the new file is
> installed in the target process during the SECCOMP_IOCTL_NOTIF_ADDFD
> operation and no
On Mon, Oct 26, 2020 at 10:55:04AM +0100, Michael Kerrisk (man-pages) wrote:
> Hi all (and especially Tycho and Sargun),
>
> Following review comments on the first draft (thanks to Jann, Kees,
> Christian and Tycho), I've made a lot of changes to this page.
> I've also added a few FIXMEs relating
On Mon, Oct 26, 2020 at 03:30:29PM +0100, Michael Kerrisk (man-pages) wrote:
> Hi Tycho,
>
> Thanks for getting back to me.
>
> On Mon, 26 Oct 2020 at 14:54, Tycho Andersen wrote:
> >
> > On Mon, Oct 26, 2020 at 10:55:04AM +0100, Michael Kerrisk (man-pages) wrote:
>
On Thu, Oct 01, 2020 at 02:06:10PM -0700, Sargun Dhillon wrote:
> On Wed, Sep 30, 2020 at 4:07 AM Michael Kerrisk (man-pages)
> wrote:
> >
> > Hi Tycho, Sargun (and all),
> >
> > I knew it would be a big ask, but below is kind of the manual page
> > I was hoping you might write [1] for the seccomp
On Thu, Oct 01, 2020 at 07:02:31PM +0200, Mickaël Salaün wrote:
> --- a/include/uapi/asm-generic/unistd.h
> +++ b/include/uapi/asm-generic/unistd.h
> @@ -859,9 +859,11 @@ __SYSCALL(__NR_openat2, sys_openat2)
> __SYSCALL(__NR_pidfd_getfd, sys_pidfd_getfd)
> #define __NR_faccessat2 439
> __SYSCALL
On Thu, Oct 01, 2020 at 08:18:49PM +0200, Jann Horn wrote:
> On Thu, Oct 1, 2020 at 6:58 PM Tycho Andersen wrote:
> > On Thu, Oct 01, 2020 at 05:47:54PM +0200, Jann Horn via Containers wrote:
> > > On Thu, Oct 1, 2020 at 2:54 PM Christian Brauner
> > > wrote:
> > >
On Thu, Oct 01, 2020 at 05:47:54PM +0200, Jann Horn via Containers wrote:
> On Thu, Oct 1, 2020 at 2:54 PM Christian Brauner
> wrote:
> > On Wed, Sep 30, 2020 at 05:53:46PM +0200, Jann Horn via Containers wrote:
> > > On Wed, Sep 30, 2020 at 1:07 PM Michael Kerrisk (man-pages)
> > > wrote:
> > >
On Thu, Oct 01, 2020 at 01:11:33AM +0200, Jann Horn wrote:
> On Thu, Oct 1, 2020 at 1:03 AM Tycho Andersen wrote:
> > On Wed, Sep 30, 2020 at 10:34:51PM +0200, Michael Kerrisk (man-pages) wrote:
> > > On 9/30/20 5:03 PM, Tycho Andersen wrote:
> > > > On Wed, Se
On Wed, Sep 30, 2020 at 10:34:51PM +0200, Michael Kerrisk (man-pages) wrote:
> Hi Tycho,
>
> Thanks for taking time to look at the page!
>
> On 9/30/20 5:03 PM, Tycho Andersen wrote:
> > On Wed, Sep 30, 2020 at 01:07:38PM +0200, Michael Kerrisk (man-pages) wrote:
> >>
On Wed, Sep 30, 2020 at 01:07:38PM +0200, Michael Kerrisk (man-pages) wrote:
>2. In order that the supervisor process can obtain notifications
> using the listening file descriptor, (a duplicate of) that
> file descriptor must be passed from the target process to t
On Wed, Sep 30, 2020 at 09:03:36AM -0600, Tycho Andersen wrote:
> On Wed, Sep 30, 2020 at 01:07:38PM +0200, Michael Kerrisk (man-pages) wrote:
> >┌─┐
> >
On Fri, Sep 25, 2020 at 11:31:14AM +0100, Mark Rutland wrote:
> Hi,
>
> Sorry to come to this so late; I've been meaning to provide feedback on
> this for a while but have been indisposed for a bit due to an injury.
>
> On Fri, Sep 25, 2020 at 11:50:29AM +0200, Peter Zijlstra wrote:
> > On Fri, S
On Mon, Sep 21, 2020 at 10:27:56AM -0500, YiFei Zhu wrote:
> On Mon, Sep 21, 2020 at 8:51 AM Tycho Andersen wrote:
> > One problem with a kernel config setting is that it's for all tasks.
> > While docker and systemd may make decisions based on syscall number,
> > o
On Wed, Sep 02, 2020 at 11:08:49AM +0200, Christian Brauner wrote:
> On Tue, Sep 01, 2020 at 07:40:16PM -0600, Tycho Andersen wrote:
> > In seccomp_set_mode_filter() with TSYNC | NEW_LISTENER, we first initialize
> > the listener fd, then check to see if we can actually
le won't be
able to install a filter if the file allocation fails for some reason, even
if they subsequently should be able to.
To fix this, let's hoist this free+null into its own little helper and use
it.
Reported-by: Kees Cook
Reported-by: Christian Brauner
Signed-off-by: Tycho
Hi Kees,
On Tue, Sep 01, 2020 at 07:40:17PM -0600, Tycho Andersen wrote:
> I've changed my e-mail address to tycho.pizza, so let's reflect that in
> these files.
Hopefully you can pick this one up too? :D
Thanks,
Tycho
I've changed my e-mail address to tycho.pizza, so let's reflect that in
these files.
Signed-off-by: Tycho Andersen
---
.mailmap| 1 +
MAINTAINERS | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/.mailmap b/.mailmap
index 332c7833057f..50096b96c85d 100644
---
("seccomp: allow TSYNC and USER_NOTIF together")
Reported-by: syzbot+3ad9614a12f80994c...@syzkaller.appspotmail.com
Signed-off-by: Tycho Andersen
---
kernel/seccomp.c | 13 ++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/kernel/seccomp.c b/kernel/seccomp
On Tue, Sep 01, 2020 at 08:08:13AM -0700, Kees Cook wrote:
> On Mon, Aug 31, 2020 at 07:14:59PM -0600, Tycho Andersen wrote:
> > On Mon, Aug 31, 2020 at 06:09:15PM -0600, Tycho Andersen wrote:
> > > On Mon, Aug 31, 2020 at 04:25:35PM -0700, Kees Cook wrote:
> > > >
On Mon, Aug 31, 2020 at 06:09:15PM -0600, Tycho Andersen wrote:
> On Mon, Aug 31, 2020 at 04:25:35PM -0700, Kees Cook wrote:
> > On Sun, Aug 30, 2020 at 08:50:15PM -0700, syzbot wrote:
> > > syzbot has found a reproducer for the following issue on:
> > >
> > >
to install a filter with TSYNC and NEW_LISTENER turned on. Does
the patch below look reasonable?
I didn't send it separately since I'm in the process of switching my
e-mail address to tycho@tycho.pizza; let this e-mail serve as proof
that that e-mail really is me too :). I can send it the nor
On Fri, Jul 10, 2020 at 04:01:06PM -0700, Kees Cook wrote:
> Running the seccomp tests as a regular user shouldn't just fail tests
> that require CAP_SYS_ADMIN (for getting a PID namespace). Instead,
> detect those cases and SKIP them. Additionally, gracefully SKIP missing
> CONFIG_USER_NS (and add
> Signed-off-by: Kees Cook
Reviewed-by: Tycho Andersen
On Fri, Jul 10, 2020 at 11:51:55AM -0700, Kees Cook wrote:
> Running the seccomp tests as a regular user shouldn't just fail tests
> that require CAP_SYS_ADMIN (for getting a PID namespace). Instead,
> detect those cases and SKIP them.
But if we unshare NEWUSER at the same time as NEWPID, shouldn'
On Tue, Jun 16, 2020 at 09:05:29AM -0700, Kees Cook wrote:
> On Tue, Jun 16, 2020 at 08:55:46AM -0600, Tycho Andersen wrote:
> > On Mon, Jun 15, 2020 at 08:25:23PM -0700, Kees Cook wrote:
> > > This patch is based on discussions[1] with Sargun Dhillon, Christian
> > >
On Mon, Jun 15, 2020 at 08:25:21PM -0700, Kees Cook wrote:
> The seccomp tests are a bit noisy without CONFIG_CHECKPOINT_RESTORE (due
> to missing the kcmp() syscall). The seccomp tests are more accurate with
> kcmp(), but it's not strictly required. Refactor the tests to use
> alternatives (compar
er XFAIL.
>
> Signed-off-by: Kees Cook
Reviewed-by: Tycho Andersen
On Mon, Jun 15, 2020 at 08:25:23PM -0700, Kees Cook wrote:
> This patch is based on discussions[1] with Sargun Dhillon, Christian
> Brauner, and David Laight. Instead of building size into the addfd
> structure, make it a function of the ioctl command (which is how sizes are
> normally passed to io
On Sat, Jun 13, 2020 at 12:26:09AM -0700, Sargun Dhillon wrote:
> This introduces an extensibility mechanism to receive seccomp
> notifications. It uses read(2), as opposed to using an ioctl. The listener
> must be first configured to write the notification via the
> SECCOMP_IOCTL_NOTIF_CONFIG ioct
On Fri, May 29, 2020 at 06:46:07PM +, Sargun Dhillon wrote:
> On Fri, May 29, 2020 at 12:41:51AM -0700, Kees Cook wrote:
> > On Thu, May 28, 2020 at 04:08:58AM -0700, Sargun Dhillon wrote:
> > > + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), 0);
> > > +
> > > + nextid = req.id +
On Thu, May 28, 2020 at 04:08:55AM -0700, Sargun Dhillon wrote:
> This adds the capability for seccomp notifier listeners to add file
> descriptors
Modulo the changes suggested by others, you can consider this series:
Reviewed-by: Tycho Andersen
On Fri, May 29, 2020 at 12:41:51AM -0700, Kees Cook wrote:
> On Thu, May 28, 2020 at 04:08:58AM -0700, Sargun Dhillon wrote:
> > + EXPECT_EQ(ioctl(listener, SECCOMP_IOCTL_NOTIF_SEND, &resp), 0);
> > +
> > + nextid = req.id + 1;
> > +
> > + /* Wait for getppid to be called for the second time
On Wed, May 27, 2020 at 03:36:09PM -0700, Kees Cook wrote:
> On Wed, May 27, 2020 at 03:52:03PM -0600, Tycho Andersen wrote:
> > On Wed, May 27, 2020 at 02:43:49PM -0700, Kees Cook wrote:
> > > (While I'm here -- why can there be only one listener per task? The
> >
On Wed, May 27, 2020 at 02:43:49PM -0700, Kees Cook wrote:
> (While I'm here -- why can there be only one listener per task? The
> notifications are filter-specific, not task-specific?)
Not sure what you mean here?
> > To fix this, we introduce a new "live" reference counter that tracks the
> > l
On Wed, May 27, 2020 at 01:19:01PM +0200, Christian Brauner wrote:
> +void seccomp_filter_notify(const struct task_struct *tsk)
> +{
> + struct seccomp_filter *orig = tsk->seccomp.filter;
> +
> + while (orig && refcount_dec_and_test(&orig->live)) {
> + if (waitqueue_active(&orig
On Tue, May 26, 2020 at 08:29:45AM +0800, Guo Ren wrote:
> Hi Tycho,
>
> On Mon, May 25, 2020 at 10:36 PM Tycho Andersen wrote:
> >
> > On Mon, May 25, 2020 at 02:18:26PM +, guo...@kernel.org wrote:
> > > From: Guo Ren
> > >
> > > Obviously,
On Mon, May 25, 2020 at 02:18:26PM +, guo...@kernel.org wrote:
> From: Guo Ren
>
> Obviously, there is no need to recover a0-a7 in reject path.
>
> Previous modification is from commit af33d243 by Tycho, to
> fixup seccomp reject syscall code path.
Doesn't this suffer from the same problem,
On Sun, May 24, 2020 at 05:57:32PM -0600, Tycho Andersen wrote:
> On Sun, May 24, 2020 at 04:39:39PM -0700, Sargun Dhillon wrote:
> > +static void seccomp_handle_addfd(struct seccomp_kaddfd *addfd)
> > +{
> > + int ret;
> > +
> > + /*
> > +* Remo
On Sun, May 24, 2020 at 04:39:39PM -0700, Sargun Dhillon wrote:
> +static void seccomp_handle_addfd(struct seccomp_kaddfd *addfd)
> +{
> + int ret;
> +
> + /*
> + * Remove the notification, and reset the list pointers, indicating
> + * that it has been handled.
> + */
> +
Cc: Kees Cook ,
> Cc: Jann Horn ,
> Cc: Robert Sesek ,
> Cc: Chris Palmer
> Cc: Christian Brauner
> Cc: Tycho Andersen
> ---
> kernel/seccomp.c | 38 +-
> 1 file changed, 21 insertions(+), 17 deletions(-)
>
> diff --git a/kerne
On Mon, May 18, 2020 at 02:04:57PM -0700, Kees Cook wrote:
> Hi!
>
> This is my attempt at a brain-dump on my plans for nearish-term seccomp
> features. Welcome to my TED talk... ;)
>
> These are the things I've been thinking about:
>
> - fd passing
> - deep argument inspection
> - changing stru
On Mon, May 18, 2020 at 02:45:00PM +0200, Christian Brauner wrote:
> On Mon, May 18, 2020 at 08:32:25AM +, Sargun Dhillon wrote:
> > On Sun, May 17, 2020 at 02:30:57PM -0700, Kees Cook wrote:
> > > On Sun, May 17, 2020 at 09:02:15AM -0600, Tycho Andersen wrote:
> > >
On Mon, May 18, 2020 at 02:53:25PM +0200, Christian Brauner wrote:
> On Sun, May 17, 2020 at 09:02:15AM -0600, Tycho Andersen wrote:
> > On Sun, May 17, 2020 at 08:46:03AM -0600, Tycho Andersen wrote:
> > > On Sun, May 17, 2020 at 04:33:11PM +0200, Christian Brauner wro
On Sun, May 17, 2020 at 08:46:03AM -0600, Tycho Andersen wrote:
> On Sun, May 17, 2020 at 04:33:11PM +0200, Christian Brauner wrote:
> > struct seccomp_notif2 {
> > __u32 notif_size;
> > __u64 id;
> > __u32 pid;
> > __u32 flags;
> >
On Sun, May 17, 2020 at 04:33:11PM +0200, Christian Brauner wrote:
> On Sun, May 17, 2020 at 08:23:16AM -0600, Tycho Andersen wrote:
> > On Sun, May 17, 2020 at 09:21:56PM +1000, Aleksa Sarai wrote:
> > > On 2020-05-17, Christian Brauner wrote:
> > > > Or..
On Sun, May 17, 2020 at 09:21:56PM +1000, Aleksa Sarai wrote:
> On 2020-05-17, Christian Brauner wrote:
> > Or... And that's more invasive but ultimately cleaner we v2 the whole
> > thing so e.g. SECCOMP_IOCTL_NOTIF_RECV2, SECCOMP_IOCTL_NOTIF_SEND2, and
> > embed the size argument in the structs.
[seccomp_bpf] Error 1
> make: Leaving directory
> '/usr/src/perf_selftests-x86_64-rhel-7.6-0eebfed2954f152259cae0ad57b91d3ea92968e8/tools/testing/selftests/seccomp'
>
> Reported-by: kernel test robot
> Fixes: 0eebfed2954f ("seccomp: test SECCOMP_USER_NOTIF_FLAG_CONTINUE")
> Cc: linux-kselft...@vger.kernel.org
> Signed-off-by: Christian Brauner
Reviewed-by: Tycho Andersen
21cc50f0c7 ("seccomp: add a return code to trap to userspace")
> Signed-off-by: Christian Brauner
> Reviewed-by: Tyler Hicks
> Cc: Kees Cook
> Cc: Andy Lutomirski
> Cc: Will Drewry
> Cc: Shuah Khan
> Cc: Alexei Starovoitov
> Cc: Daniel Borkmann
> Cc: Ma
ernel security mechanisms in cases where the watcher knows
> > that a given action is safe to perform.
> >
> > /* References */
> > [1]: https://linuxplumbersconf.org/event/4/contributions/560
> > [2]: https://linuxplumbersconf.org/event/4/contributions/477
> > [3]: https
On Fri, Sep 06, 2019 at 08:27:31PM +0200, Florian Weimer wrote:
> * Tycho Andersen:
>
> > On Fri, Sep 06, 2019 at 07:20:51PM +0200, Christian Brauner wrote:
> >> On Sat, Sep 07, 2019 at 03:07:39AM +1000, Aleksa Sarai wrote:
> >> > On 2019-09-06, Mickaël Salaün w
On Fri, Sep 06, 2019 at 07:20:51PM +0200, Christian Brauner wrote:
> On Sat, Sep 07, 2019 at 03:07:39AM +1000, Aleksa Sarai wrote:
> > On 2019-09-06, Mickaël Salaün wrote:
> > >
> > > On 06/09/2019 17:56, Florian Weimer wrote:
> > > > Let's assume I want to add support for this to the glibc dynam
On Fri, Aug 30, 2019 at 09:19:00AM -0600, shuah wrote:
> On 8/29/19 6:45 PM, shuah wrote:
> > On 8/29/19 11:06 AM, Kees Cook wrote:
> > > On Mon, Aug 26, 2019 at 08:43:02AM -0600, Tycho Andersen wrote:
> > > > The seccomp selftest goes to some length to build agains
we can get some more clarity about what might be going wrong here? It
> appears that the failing test was added in commit 6a21cc50f0c7f ("seccomp:
> add a return code to trap to userspace") by Tycho Andersen
> .
Can you post an strace and a cat of /proc/$pid/stack for both
~~
seccomp_bpf.c:1787:2: note: in expansion of macro ‘EXPECT_EQ’
EXPECT_EQ(entry ? PTRACE_EVENTMSG_SYSCALL_ENTRY
^
make: *** [Makefile:12: seccomp_bpf] Error 1
Signed-off-by: Tycho Andersen
Fixes: 201766a20e30 ("ptrace: add PTRACE_GET_SYSCALL_INFO request")
---
t
On Wed, May 29, 2019 at 11:29:05AM -0400, Paul Moore wrote:
> On Wed, May 29, 2019 at 10:57 AM Tycho Andersen wrote:
> >
> > On Mon, Apr 08, 2019 at 11:39:09PM -0400, Richard Guy Briggs wrote:
> > > It is not permitted to unset the audit container identifier.
> > >
On Mon, Apr 08, 2019 at 11:39:09PM -0400, Richard Guy Briggs wrote:
> It is not permitted to unset the audit container identifier.
> A child inherits its parent's audit container identifier.
...
> /**
> + * audit_set_contid - set current task's audit contid
> + * @contid: contid value
> + *
> +
On Thu, Apr 25, 2019 at 03:00:10PM -0400, Joel Fernandes (Google) wrote:
>
> +void *test_pidfd_poll_exec_thread(void *priv)
I think everything in this file can be static, there's this one and
3-4 below.
> +int test_pidfd_poll_exec(int use_waitpid)
> +{
> + int pid, pidfd = 0;
> + int stat
d-off-by: Kees Cook
Whoops, thanks for this too.
Reviewed-by: Tycho Andersen
On Wed, Apr 24, 2019 at 05:04:26PM +0200, Christian Brauner wrote:
> Hey everyone,
>
> So I was working on making use of the seccomp listener stuff and I
> stumbled upon a problem. Imagine a scenario where:
>
> 1. Task T1 installs Filter F1 and gets and listener fd for that filter FD1
> 2. T1 sen
On Tue, Apr 23, 2019 at 04:31:45PM -0700, Kees Cook wrote:
> On Tue, Apr 23, 2019 at 3:09 PM Kees Cook wrote:
> >
> > On Wed, Mar 6, 2019 at 12:14 PM Tycho Andersen wrote:
> > >
> > > As the comment notes, the return codes for TSYNC and NEW_LISTENER
> &
On Fri, Apr 12, 2019 at 11:07:11AM -0600, shuah wrote:
> On 4/12/19 9:25 AM, Tycho Andersen wrote:
> > On Thu, Apr 11, 2019 at 04:56:31PM -0700, Kees Cook wrote:
> > > When running without USERNS or PIDNS the seccomp test would hang since
> > > it was waiting forever f
the delay, thanks for looking at this!
Reviewed-by: Tycho Andersen
On Thu, Apr 11, 2019 at 01:50:43PM -0400, Joel Fernandes (Google) wrote:
> Other than verifying pidfd based polling, the tests make sure that
> wait semantics are preserved with the pidfd poll. Notably the 2 cases:
> 1. If a thread group leader exits while threads still there, then no
>pidfd po
were disabled.
Note that if any spinlocks are held, etc. we'll also get the above warning,
so this isn't a silver bullet. So, let's add a C helper in case someone
wants to add fancier lock busting or if we've forgotten to unwind something
else.
Signed-off-by: Tycho Andersen
CC: Jo
On Fri, Apr 05, 2019 at 10:58:33AM -0500, Josh Poimboeuf wrote:
> On Fri, Apr 05, 2019 at 09:35:24AM -0600, Tycho Andersen wrote:
> > If the kernel oopses in an interrupt, nothing re-enables interrupts:
> >
> > Aug 23 19:30:27 xpfo kernel: [ 38.302714] BUG: sleeping func
n
It seems to actually work fine for me though, since the new helper is also
__noreturn. Perhaps there's a better way to do this?
Signed-off-by: Tycho Andersen
CC: Josh Poimboeuf
---
I split this out from the XPFO series since it's mostly unrelated, and is
just a bug I found while wo
On Sat, Mar 09, 2019 at 06:53:22AM +1100, Tobin C. Harding wrote:
> On Fri, Mar 08, 2019 at 09:22:37AM -0700, Tycho Andersen wrote:
> > On Fri, Mar 08, 2019 at 04:15:46PM +, Christopher Lameter wrote:
> > > On Fri, 8 Mar 2019, Tycho Andersen wrote:
> > >
> >
On Fri, Mar 08, 2019 at 04:15:46PM +, Christopher Lameter wrote:
> On Fri, 8 Mar 2019, Tycho Andersen wrote:
>
> > On Fri, Mar 08, 2019 at 03:14:13PM +1100, Tobin C. Harding wrote:
> > > diff --git a/mm/slab_common.c b/mm/slab_common.c
> > > index f9d89c1b5977..7
On Fri, Mar 08, 2019 at 03:14:18PM +1100, Tobin C. Harding wrote:
> --- a/mm/slub.c
> +++ b/mm/slub.c
> @@ -3642,6 +3642,7 @@ static int kmem_cache_open(struct kmem_cache *s,
> slab_flags_t flags)
>
> set_cpu_partial(s);
>
> + s->defrag_used_ratio = 30;
> #ifdef CONFIG_NUMA
>
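Review bot: the added line s->defrag_used_ratio = 30; in kmem_cache_open() sets a bare literal with no comment or named constant, so a reader of this hunk cannot tell the unit or why 30 was chosen as the default. Suggest a named default, or a one-line comment beside the assignment stating the unit and the rationale.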
On Fri, Mar 08, 2019 at 03:14:13PM +1100, Tobin C. Harding wrote:
> diff --git a/mm/slab_common.c b/mm/slab_common.c
> index f9d89c1b5977..754acdb292e4 100644
> --- a/mm/slab_common.c
> +++ b/mm/slab_common.c
> @@ -298,6 +298,10 @@ int slab_unmergeable(struct kmem_cache *s)
> if (!is_root_cac
On Wed, Mar 06, 2019 at 10:02:25PM +0100, Christian Brauner wrote:
> On Wed, Mar 6, 2019 at 9:46 PM Tycho Andersen wrote:
> >
> > On Wed, Mar 06, 2019 at 09:39:35PM +0100, Christian Brauner wrote:
> > > > +
> > > > /* Prepare the new filter before hol
On Wed, Mar 06, 2019 at 09:39:35PM +0100, Christian Brauner wrote:
> > +
> > /* Prepare the new filter before holding any locks. */
> > prepared = seccomp_prepare_user_filter(filter);
> > if (IS_ERR(prepared))
> > @@ -1302,7 +1315,7 @@ static long seccomp_set_mode_filter(unsigned int
>
dition to be simply if (ret), so that
if someone does add the flag mentioned above, they won't have to remember
to fix this too.
Signed-off-by: Tycho Andersen
Fixes: 6a21cc50f0c7 ("seccomp: add a return code to trap to userspace")
CC: sta...@vger.kernel.org # v5.0+
---
kernel/seccom
This sentence is kind of a train wreck anyway, but at least dropping the
extra pronoun helps somewhat.
Signed-off-by: Tycho Andersen
---
kernel/seccomp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index e815781ed751..d0d355ded2f4
On Fri, Mar 01, 2019 at 04:16:27PM +0100, Michael Kerrisk (man-pages) wrote:
> Hello Tycho,
>
> On 3/1/19 3:53 PM, Tycho Andersen wrote:
> > On Thu, Feb 28, 2019 at 01:52:19PM +0100, Michael Kerrisk (man-pages) wrote:
> >>> +a notification will be sent to this fd.
On Thu, Feb 28, 2019 at 02:25:55PM +0100, Michael Kerrisk (man-pages) wrote:
> > 7. The monitoring process can use the information in the
> >'struct seccomp_notif' to make a determination about the
> >system call being made by the target process. This
> >structure includes a 'data' fiel
On Thu, Feb 28, 2019 at 01:52:19PM +0100, Michael Kerrisk (man-pages) wrote:
> > +a notification will be sent to this fd. See "Userspace Notification" below
> > for
>
> s/fd/file descriptor/ throughout please.
Will do.
> > +more details.
>
> I think the description here could be better worded
On Fri, Feb 15, 2019 at 04:07:33PM +, David Howells wrote:
> ==
> FUTURE DEVELOPMENT
> ==
>
> (1) Setting up the container.
>
> A container would be created with, say:
>
> int cfd = container_create("fred", CONTAINER_NEW_EMPTY_FS_NS);
>
...
>
On Wed, Jan 02, 2019 at 05:16:53PM +0100, Christian Brauner wrote:
> The kill() syscall operates on process identifiers (pid). After a process
> ...
Fashionably late to the party, but feel free to consider these two:
Reviewed-by: Tycho Andersen
On Thu, Feb 14, 2019 at 10:29:52AM -0700, Khalid Aziz wrote:
> On a side note, do you mind if I update your address in your
> signed-off-by from ty...@docker.com when I send the next version of this
> series?
Sure that would be great thanks. This e-mail is a good one to use.
Cheers,
Tycho
ually flush in the face of xpfo, and temporarily map the underlying
> memory so it can be flushed correctly
>
> CC: linux-arm-ker...@lists.infradead.org
> Signed-off-by: Juerg Haefliger
> Signed-off-by: Tycho Andersen
> ---
> arch/arm64/mm/flush.c | 7 +++
> 1 fi
On Fri, Feb 08, 2019 at 09:50:26AM +1100, Tobin C. Harding wrote:
> Currently if user passes an output file to the script via
> --output-raw we do not handle expansion of tilde.
>
> Use perl function glob() to expand tilde in output file name.
>
> Signed-off-by: Tobin C. Harding
> ---
> scripts
While reading the docs I noticed some whitespace damage in diagram. Let's
fix it up to be consistent with elsewhere in the document: use one leading
tab, followed by spaces for any additional whitespace required.
Signed-off-by: Tycho Andersen
---
Documentation/RCU/whatisRCU.txt
On Mon, Jan 28, 2019 at 05:13:11PM +, Rantala, Tommi T. (Nokia - FI/Espoo)
wrote:
> Hi Greg,
>
> Can you please revert this commit in 4.14?
>
> commit e65cd9a20343ea90f576c24c38ee85ab6e7d5fec
> Author: Tycho Andersen
> Date: Tue Feb 20 19:47:47 2018 -0700
>
>
There used to be an explanation here because it could trigger lockdep
previously, but now we're not doing recursive locking, so it really is just
for grins.
Signed-off-by: Tycho Andersen
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 2 +-
1 file changed, 1 insertion(+), 1 del
write.
Any failure after that is fine and can ASSERT.
Signed-off-by: Tycho Andersen
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c
b/tools/testing/selftests/seccomp/seccomp_
userns.
Signed-off-by: Tycho Andersen
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c
b/tools/testing/selftests/seccomp/seccomp_bpf.c
index a4a7dce1a91b..8f6e95773225 100644
---