On Thu, Jun 9, 2016 at 2:01 PM, Kees Cook wrote:
> When RET_TRACE triggers, a tracer may change a syscall into something that
> should be filtered by seccomp. This re-runs seccomp after a trace event
> to make sure things continue to pass.
>
> Signed-off-by: Kees Cook
> Cc: Andy Lutomirski
> ---
When RET_TRACE triggers, a tracer may change a syscall into something that
should be filtered by seccomp. This re-runs seccomp after a trace event
to make sure things continue to pass.
Signed-off-by: Kees Cook
Cc: Andy Lutomirski
---
kernel/seccomp.c | 21 ++---
1 file changed,
