[PATCH] ARM: SECCOMP support
Russell King - ARM Linux
linux at arm.linux.org.uk
Sat Sep 25 14:58:05 EDT 2010
On Sat, Sep 25, 2010 at 12:31:07PM -0400, Nicolas Pitre wrote:
> Well, for one thing, the syscall tracing has the ability to change the
> actual syscall number. So this looked like a possible hole that could
> somehow be exploited to escape the seccomp control. So I went with the
> safest way.
That is also true for x86 - the seccomp test on x86 is done first,
before the syscall entry trap.
More information about the linux-arm-kernel
mailing list