[PATCH v5 0/4] arch/arm: support seccomp

Kees Cook keescook at chromium.org
Wed Nov 14 14:07:13 EST 2012


Hi, any more thoughts on this series? I'd really like to get it into
-next. It's been running happily for a while now in the Chrome OS ARM
devices.

Thanks,

-Kees

On Sat, Nov 10, 2012 at 2:44 PM, Kees Cook <keescook at chromium.org> wrote:
> This adds support for seccomp BPF to ARM. When built with the seccomp
> improvement patch waiting in linux-next ("seccomp: Make syscall skipping
> and nr changes more consistent"), this passes the seccomp regression
> test suite: https://github.com/redpig/seccomp
>
> Thanks,
>
> -Kees
>
> ---
> v5:
>  - clean up seccomp failure path, as requested by Will Deacon.
> v4:
>  - fixed syscall_get_arch, thanks to Will Deacon.
> v3:
>  - updates suggested by Russell King:
>    - reduced scope of expansion
>    - leveraged TIF_SYSCALL_WORK bit mask
>    - fixed syscall==-1 short-circuit logic
> v2:
>  - expanded ptrace_syscall_trace() into both callers and do
>    secure_computing() hookup there, as requested by Al Viro.

-- 
Kees Cook
Chrome OS Security



More information about the linux-arm-kernel mailing list