Rebuild the seccomp tests when kselftest_harness.h is updated.
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Andy Lutomirski
Cc: Shuah Khan
Cc: Will Drewry
---
tools/testing/selftests/seccomp/Makefile | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/testing/selftests
+8CVz8vL51DRYXqOY=xc3zuKFf=ptene88xyhzfyi...@mail.gmail.com
Regards,
Mickaël Salaün (6):
selftests: Make test_harness.h more generally available
selftests: Cosmetic renames in kselftest_harness.h
selftests/seccomp: Force rebuild according to dependencies
Documentation/dev-tools: Add kselftest
Include and convert kselftest to the Sphinx format.
Changes since v2:
* lighten the modifications (suggested by Kees Cook)
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Cc: Jonathan Corbet <cor...@lwn.net>
Cc: Shuah Khan
+8CVz8vL51DRYXqOY=xc3zuKFf=ptene88xyhzfyi...@mail.gmail.com
Regards,
Mickaël Salaün (6):
selftests: Make test_harness.h more generally available
selftests: Cosmetic renames in kselftest_harness.h
selftests/seccomp: Force rebuild according to dependencies
Documentation/dev-tools: Add kselftest
Include and convert kselftest to the Sphinx format.
Changes since v2:
* lighten the modifications (suggested by Kees Cook)
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Jonathan Corbet
Cc: Shuah Khan
---
Documentation/dev-tools/index.rst | 1 +
Documentation/dev-tools
Keep the content consistent with the new name.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Shuah Khan <sh...@kernel.org>
Cc: Will Drewry <w...@chromium.org>
Keep the content consistent with the new name.
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Andy Lutomirski
Cc: Shuah Khan
Cc: Will Drewry
---
tools/testing/selftests/kselftest_harness.h | 11 ++-
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/tools/testing
Move kselftest.txt to dev-tools/kselftest.rst .
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Cc: Jonathan Corbet <cor...@lwn.net>
Cc: Shuah Khan <sh...@kernel.org>
---
Documentation/00-INDEX
Rebuild the seccomp tests when kselftest_harness.h is updated.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Shuah Khan <sh...@kernel.org>
Cc: Will Drewry <w...@chromium.org>
Move kselftest.txt to dev-tools/kselftest.rst .
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Jonathan Corbet
Cc: Shuah Khan
---
Documentation/00-INDEX | 2 --
Documentation/{kselftest.txt => dev-tools/kselftest.rst} | 0
2 files changed, 2 deleti
Rebuild the seccomp tests when kselftest_harness.h is updated.
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Andy Lutomirski
Cc: Shuah Khan
Cc: Will Drewry
---
tools/testing/selftests/seccomp/Makefile | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/testing/selftests
and cleanup comments
Changes since v2:
* add reference to the full documentation in the header file (suggested
by Kees Cook)
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Jonathan Corb
and cleanup comments
Changes since v2:
* add reference to the full documentation in the header file (suggested
by Kees Cook)
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Andy Lutomirski
Cc: Jonathan Corbet
Cc: Shuah Khan
Cc: Will Drewry
---
Documentation/dev-tools/kselftest.rst
-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Acked-by: Will Drewry <w...@chromium.org>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Shuah Khan <sh...@kernel.org>
Link:
https://lkml.kernel.org/r/CAGXu5j+8CVz8vL51DRYXqOY=xc3zuKFf=pt
-by: Mickaël Salaün
Acked-by: Kees Cook
Acked-by: Will Drewry
Cc: Andy Lutomirski
Cc: Shuah Khan
Link:
https://lkml.kernel.org/r/CAGXu5j+8CVz8vL51DRYXqOY=xc3zuKFf=ptene88xyhzfyi...@mail.gmail.com
---
MAINTAINERS | 1 +
tools/testing
On 16/05/2017 22:29, Jonathan Corbet wrote:
> On Tue, 16 May 2017 22:12:39 +0200
> Mickaël Salaün <m...@digikod.net> wrote:
>
>>> I will have to defer to Jon Corbet for Documentation related changes
>>> and patches. Jon! Could you please review and give me an A
On 16/05/2017 22:29, Jonathan Corbet wrote:
> On Tue, 16 May 2017 22:12:39 +0200
> Mickaël Salaün wrote:
>
>>> I will have to defer to Jon Corbet for Documentation related changes
>>> and patches. Jon! Could you please review and give me an Ack.
>>
>
On 04/05/2017 15:58, Shuah Khan wrote:
> On 05/03/2017 04:26 PM, Mickaël Salaün wrote:
>> Hi,
>>
>> This third patch series make the seccomp/test_harness.h more generally
>> available [1] and update the kselftest documentation with the Sphinx format.
>> It
>&g
On 04/05/2017 15:58, Shuah Khan wrote:
> On 05/03/2017 04:26 PM, Mickaël Salaün wrote:
>> Hi,
>>
>> This third patch series make the seccomp/test_harness.h more generally
>> available [1] and update the kselftest documentation with the Sphinx format.
>> It
>&g
On 13/02/2017 02:43, David Ahern wrote:
> On 2/12/17 2:23 PM, Mickaël Salaün wrote:
>> diff --git a/samples/bpf/.gitignore b/samples/bpf/.gitignore
>> new file mode 100644
>> index ..a7562a5ef4c2
>> --- /dev/null
>> +++ b/samples/bpf/.gitignore
&g
On 13/02/2017 02:43, David Ahern wrote:
> On 2/12/17 2:23 PM, Mickaël Salaün wrote:
>> diff --git a/samples/bpf/.gitignore b/samples/bpf/.gitignore
>> new file mode 100644
>> index ..a7562a5ef4c2
>> --- /dev/null
>> +++ b/samples/bpf/.gitignore
&g
the hooks are called, hence multiple times.
To sum up, "capability,selinux,foo,foo" will be replaced with
"capability,selinux,foo", however "capability,foo,selinux,foo" will
remain as is.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Cc: Casey Schau
the hooks are called, hence multiple times.
To sum up, "capability,selinux,foo,foo" will be replaced with
"capability,selinux,foo", however "capability,foo,selinux,foo" will
remain as is.
Signed-off-by: Mickaël Salaün
Cc: Casey Schaufler
Cc: James Morris
Cc: Ke
On 10/05/2017 01:35, Kees Cook wrote:
> On Tue, May 9, 2017 at 4:08 PM, Mickaël Salaün <m...@digikod.net> wrote:
>> The commit d69dece5f5b6 ("LSM: Add /sys/kernel/security/lsm") extend
>> security_add_hooks() with a new parameter to register the LSM name,
>>
On 10/05/2017 01:35, Kees Cook wrote:
> On Tue, May 9, 2017 at 4:08 PM, Mickaël Salaün wrote:
>> The commit d69dece5f5b6 ("LSM: Add /sys/kernel/security/lsm") extend
>> security_add_hooks() with a new parameter to register the LSM name,
>> which may be useful to ma
the hooks are called, hence multiple times.
To sum up, "capability,selinux,foo,foo" will be replaced with
"capability,selinux,foo", however "capability,foo,selinux,foo" will
remain as is.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Cc: Casey Schau
the hooks are called, hence multiple times.
To sum up, "capability,selinux,foo,foo" will be replaced with
"capability,selinux,foo", however "capability,foo,selinux,foo" will
remain as is.
Signed-off-by: Mickaël Salaün
Cc: Casey Schaufler
Cc: James Morris
Cc: Ke
On 08/05/2017 22:07, Casey Schaufler wrote:
> On 5/8/2017 12:24 PM, Mickaël Salaün wrote:
>> On 01/05/2017 01:28, James Morris wrote:
>>> On Sat, 29 Apr 2017, Mickaël Salaün wrote:
>>>
>>>> Check if the registering LSM already registered hooks just
On 08/05/2017 22:07, Casey Schaufler wrote:
> On 5/8/2017 12:24 PM, Mickaël Salaün wrote:
>> On 01/05/2017 01:28, James Morris wrote:
>>> On Sat, 29 Apr 2017, Mickaël Salaün wrote:
>>>
>>>> Check if the registering LSM already registered hooks just
On 05/05/2017 22:28, Eric W. Biederman wrote:
> Al Viro writes:
>
>> On Thu, May 04, 2017 at 08:46:49PM -0700, Linus Torvalds wrote:
>>> On Thu, May 4, 2017 at 7:47 PM, Jann Horn wrote:
Thread 1 starts an AT_BENEATH path walk using an O_PATH
On 05/05/2017 22:28, Eric W. Biederman wrote:
> Al Viro writes:
>
>> On Thu, May 04, 2017 at 08:46:49PM -0700, Linus Torvalds wrote:
>>> On Thu, May 4, 2017 at 7:47 PM, Jann Horn wrote:
Thread 1 starts an AT_BENEATH path walk using an O_PATH fd
pointing to
On 01/05/2017 01:28, James Morris wrote:
> On Sat, 29 Apr 2017, Mickaël Salaün wrote:
>
>> Check if the registering LSM already registered hooks just before. This
>> enable to split hook declarations into multiple files without
>> registering multiple time the same LSM na
On 01/05/2017 01:28, James Morris wrote:
> On Sat, 29 Apr 2017, Mickaël Salaün wrote:
>
>> Check if the registering LSM already registered hooks just before. This
>> enable to split hook declarations into multiple files without
>> registering multiple time the same LSM na
Move kselftest.txt to dev-tools/kselftest.rst .
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Cc: Jonathan Corbet <cor...@lwn.net>
Cc: Shuah Khan <sh...@kernel.org>
---
Documentation/00-INDEX
Move kselftest.txt to dev-tools/kselftest.rst .
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Jonathan Corbet
Cc: Shuah Khan
---
Documentation/00-INDEX | 2 --
Documentation/{kselftest.txt => dev-tools/kselftest.rst} | 0
2 files changed, 2 deleti
Rebuild the seccomp tests when kselftest_harness.h is updated.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Shuah Khan <sh...@kernel.org>
Cc: Will Drewry <w...@chromium.org>
Rebuild the seccomp tests when kselftest_harness.h is updated.
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Andy Lutomirski
Cc: Shuah Khan
Cc: Will Drewry
---
tools/testing/selftests/seccomp/Makefile | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/testing/selftests
Add metadata to kselftest_harness.h to be able to include the comments
in the Sphinx documentation.
Changes since v2:
* add reference to the full documentation in the header file (suggested
by Kees Cook)
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook
Add metadata to kselftest_harness.h to be able to include the comments
in the Sphinx documentation.
Changes since v2:
* add reference to the full documentation in the header file (suggested
by Kees Cook)
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Andy Lutomirski
Cc: Jonathan
Include and convert kselftest to the Sphinx format.
Changes since v2:
* lighten the modifications (suggested by Kees Cook)
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Cc: Jonathan Corbet <cor...@lwn.net>
Cc: Shuah Khan
Include and convert kselftest to the Sphinx format.
Changes since v2:
* lighten the modifications (suggested by Kees Cook)
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Jonathan Corbet
Cc: Shuah Khan
---
Documentation/dev-tools/index.rst | 1 +
Documentation/dev-tools
-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Acked-by: Will Drewry <w...@chromium.org>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Shuah Khan <sh...@kernel.org>
Link:
https://lkml.kernel.org/r/CAGXu5j+8CVz8vL51DRYXqOY=xc3zuKFf=pt
Keep the content consistent with the new name.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Shuah Khan <sh...@kernel.org>
Cc: Will Drewry <w...@chromium.org>
-by: Mickaël Salaün
Acked-by: Kees Cook
Acked-by: Will Drewry
Cc: Andy Lutomirski
Cc: Shuah Khan
Link:
https://lkml.kernel.org/r/CAGXu5j+8CVz8vL51DRYXqOY=xc3zuKFf=ptene88xyhzfyi...@mail.gmail.com
---
MAINTAINERS | 1 +
tools/testing
Keep the content consistent with the new name.
Signed-off-by: Mickaël Salaün
Acked-by: Kees Cook
Cc: Andy Lutomirski
Cc: Shuah Khan
Cc: Will Drewry
---
tools/testing/selftests/kselftest_harness.h | 11 ++-
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/tools/testing
+8CVz8vL51DRYXqOY=xc3zuKFf=ptene88xyhzfyi...@mail.gmail.com
Regards,
Mickaël Salaün (6):
selftests: Make test_harness.h more generally available
selftests: Cosmetic renames in kselftest_harness.h
selftests/seccomp: Force rebuild according to dependencies
Documentation/dev-tools: Add kselftest
+8CVz8vL51DRYXqOY=xc3zuKFf=ptene88xyhzfyi...@mail.gmail.com
Regards,
Mickaël Salaün (6):
selftests: Make test_harness.h more generally available
selftests: Cosmetic renames in kselftest_harness.h
selftests/seccomp: Force rebuild according to dependencies
Documentation/dev-tools: Add kselftest
Move kselftest.txt to dev-tools/kselftest.rst .
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Cc: Jonathan Corbet <cor...@lwn.net>
Cc: Shuah Khan <sh...@kernel.org>
---
Documentation/00-INDEX | 2 --
Documentation/{kselftest.txt => de
Move kselftest.txt to dev-tools/kselftest.rst .
Signed-off-by: Mickaël Salaün
Cc: Jonathan Corbet
Cc: Shuah Khan
---
Documentation/00-INDEX | 2 --
Documentation/{kselftest.txt => dev-tools/kselftest.rst} | 0
2 files changed, 2 deletions(-)
ren
Rebuild the seccomp tests when kselftest_harness.h is updated.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Kees Cook <keesc...@chromium.org>
Cc: Shuah Khan <sh...@kernel.org>
Cc: Will Drewry <w...@chromium.org>
+8CVz8vL51DRYXqOY=xc3zuKFf=ptene88xyhzfyi...@mail.gmail.com
Regards,
Mickaël Salaün (6):
selftests: Make test_harness.h more generally available
selftests: Cosmetic renames in kselftest_harness.h
selftests/seccomp: Force rebuild according to dependencies
Documentation/dev-tools: Add kselftest
Include and convert kselftest to the Sphinx format.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Cc: Jonathan Corbet <cor...@lwn.net>
Cc: Shuah Khan <sh...@kernel.org>
---
Documentation/dev-tools/index.rst | 1 +
Documentation/dev-tools/
Rebuild the seccomp tests when kselftest_harness.h is updated.
Signed-off-by: Mickaël Salaün
Cc: Andy Lutomirski
Cc: Kees Cook
Cc: Shuah Khan
Cc: Will Drewry
---
tools/testing/selftests/seccomp/Makefile | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/testing/selftests/seccomp
+8CVz8vL51DRYXqOY=xc3zuKFf=ptene88xyhzfyi...@mail.gmail.com
Regards,
Mickaël Salaün (6):
selftests: Make test_harness.h more generally available
selftests: Cosmetic renames in kselftest_harness.h
selftests/seccomp: Force rebuild according to dependencies
Documentation/dev-tools: Add kselftest
Include and convert kselftest to the Sphinx format.
Signed-off-by: Mickaël Salaün
Cc: Jonathan Corbet
Cc: Shuah Khan
---
Documentation/dev-tools/index.rst | 1 +
Documentation/dev-tools/kselftest.rst | 77 ---
2 files changed, 55 insertions(+), 23
-by: Mickaël Salaün <m...@digikod.net>
Acked-by: Kees Cook <keesc...@chromium.org>
Acked-by: Will Drewry <w...@chromium.org>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Shuah Khan <sh...@kernel.org>
Link:
https://lkml.kernel.org/r/CAGXu5j+8CVz8vL51DRYXqOY=xc3zuKFf=pt
Keep the content consistent with the new name.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Kees Cook <keesc...@chromium.org>
Cc: Shuah Khan <sh...@kernel.org>
Cc: Will Drewry <w...@chromium.org>
---
tools/testing
Keep the content consistent with the new name.
Signed-off-by: Mickaël Salaün
Cc: Andy Lutomirski
Cc: Kees Cook
Cc: Shuah Khan
Cc: Will Drewry
---
tools/testing/selftests/kselftest_harness.h | 11 ++-
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/tools/testing
-by: Mickaël Salaün
Acked-by: Kees Cook
Acked-by: Will Drewry
Cc: Andy Lutomirski
Cc: Shuah Khan
Link:
https://lkml.kernel.org/r/CAGXu5j+8CVz8vL51DRYXqOY=xc3zuKFf=ptene88xyhzfyi...@mail.gmail.com
---
MAINTAINERS | 1 +
tools/testing
Add metadata to kselftest_harness.h to be able to include the comments
in the Sphinx documentation.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Jonathan Corbet <cor...@lwn.net>
Cc: Kees Cook <keesc...@chromium.or
Add metadata to kselftest_harness.h to be able to include the comments
in the Sphinx documentation.
Signed-off-by: Mickaël Salaün
Cc: Andy Lutomirski
Cc: Jonathan Corbet
Cc: Kees Cook
Cc: Shuah Khan
Cc: Will Drewry
---
Documentation/dev-tools/kselftest.rst | 57 ++
tools/testing
un, Apr 30, 2017 at 5:26 AM, Mickaël Salaün <m...@digikod.net> wrote:
>>> The seccomp/test_harness.h file contains useful helpers to build tests.
>>> Moving it to the selftest directory should benefit to other test
>>> components.
>>
>> Unless Shuah think
/seccomp.h
F: tools/testing/selftests/seccomp/*
+F: tools/testing/selftests/test_harness.h
K: \bsecure_computing
K: \bTIF_SECCOMP\b
On 30/04/2017 20:22, Will Drewry wrote:
> On Sun, Apr 30, 2017 at 12:39 PM, Kees Cook wrote:
>>
>> On Sun, Apr 30, 2017 at 5:26 AM,
The seccomp/test_harness.h file contains useful helpers to build tests.
Moving it to the selftest directory should benefit to other test
components.
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Kees Cook <keesc...@chromium.org>
The seccomp/test_harness.h file contains useful helpers to build tests.
Moving it to the selftest directory should benefit to other test
components.
Signed-off-by: Mickaël Salaün
Cc: Andy Lutomirski
Cc: Kees Cook
Cc: Shuah Khan
Cc: Will Drewry
Link:
https://lkml.kernel.org/r/CAGXu5j
On 30/04/2017 04:11, Tetsuo Handa wrote:
> Casey Schaufler wrote:
>> On 4/29/2017 12:02 PM, Mickael Salaun wrote:
>>> Check if the registering LSM already registered hooks just before. This
>>> enable to split hook declarations into multiple files without
>>> registering multiple time the same
On 30/04/2017 04:11, Tetsuo Handa wrote:
> Casey Schaufler wrote:
>> On 4/29/2017 12:02 PM, Mickael Salaun wrote:
>>> Check if the registering LSM already registered hooks just before. This
>>> enable to split hook declarations into multiple files without
>>> registering multiple time the same
Check if the registering LSM already registered hooks just before. This
enable to split hook declarations into multiple files without
registering multiple time the same LSM name, starting from commit
d69dece5f5b6 ("LSM: Add /sys/kernel/security/lsm").
Signed-off-by: Mickaël
Check if the registering LSM already registered hooks just before. This
enable to split hook declarations into multiple files without
registering multiple time the same LSM name, starting from commit
d69dece5f5b6 ("LSM: Add /sys/kernel/security/lsm").
Signed-off-by: Mickaël Salaün
On 19/04/2017 00:47, Mickaël Salaün wrote:
>
> On 19/04/2017 00:23, Kees Cook wrote:
>> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün <m...@digikod.net> wrote:
>>> The semantic is unchanged. This will be useful for the Landlock
>>> integration with secco
On 19/04/2017 00:47, Mickaël Salaün wrote:
>
> On 19/04/2017 00:23, Kees Cook wrote:
>> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>>> The semantic is unchanged. This will be useful for the Landlock
>>> integration with seccomp (next commit).
>>
On 20/04/2017 00:02, Kees Cook wrote:
> On Wed, Apr 19, 2017 at 2:51 PM, Mickaël Salaün <m...@digikod.net> wrote:
>>
>> On 19/04/2017 02:02, Kees Cook wrote:
>>> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün <m...@digikod.net> wrote:
>>>> This is
On 20/04/2017 00:02, Kees Cook wrote:
> On Wed, Apr 19, 2017 at 2:51 PM, Mickaël Salaün wrote:
>>
>> On 19/04/2017 02:02, Kees Cook wrote:
>>> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>>>> This is useful to return an information about the er
On 19/04/2017 01:40, Kees Cook wrote:
> On Tue, Apr 18, 2017 at 4:16 PM, Casey Schaufler <ca...@schaufler-ca.com>
> wrote:
>> On 4/18/2017 3:44 PM, Mickaël Salaün wrote:
>>> On 19/04/2017 00:17, Kees Cook wrote:
>>>> On Tue, Mar 28, 2017 at 4:46 PM,
On 19/04/2017 01:40, Kees Cook wrote:
> On Tue, Apr 18, 2017 at 4:16 PM, Casey Schaufler
> wrote:
>> On 4/18/2017 3:44 PM, Mickaël Salaün wrote:
>>> On 19/04/2017 00:17, Kees Cook wrote:
>>>> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>>&
On 19/04/2017 02:02, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün <m...@digikod.net> wrote:
>> This is useful to return an information about the error without being
>> able to write to TH_LOG_STREAM.
>>
>> Helpers from test_harness.h may
On 19/04/2017 02:02, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>> This is useful to return an information about the error without being
>> able to write to TH_LOG_STREAM.
>>
>> Helpers from test_harness.h may be useful outside
On 19/04/2017 01:26, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün <m...@digikod.net> wrote:
>> This sixth series add some changes to the previous one [1], including a
>> simpler
>> rule inheritance hierarchy (similar to seccomp-bpf), a ptrace sc
On 19/04/2017 01:26, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>> This sixth series add some changes to the previous one [1], including a
>> simpler
>> rule inheritance hierarchy (similar to seccomp-bpf), a ptrace scope
>> protec
On 19/04/2017 01:16, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün <m...@digikod.net> wrote:
>> Test basic context access, ptrace protection and filesystem event with
>> multiple cases.
>>
>> Changes since v5:
>> * add subtype test
>
On 19/04/2017 01:16, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>> Test basic context access, ptrace protection and filesystem event with
>> multiple cases.
>>
>> Changes since v5:
>> * add subtype test
>> * add ptrace tests
&
On 19/04/2017 01:06, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün <m...@digikod.net> wrote:
>> Add a basic sandbox tool to create a process isolated from some part of
>> the system. This sandbox create a read-only environment. It is only
>> allo
On 19/04/2017 01:06, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>> Add a basic sandbox tool to create a process isolated from some part of
>> the system. This sandbox create a read-only environment. It is only
>> allowed to write to a character
On 19/04/2017 00:53, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün <m...@digikod.net> wrote:
>> The seccomp(2) syscall can be used by a task to apply a Landlock rule to
>> itself. As a seccomp filter, a Landlock rule is enforced for the current
>&
On 19/04/2017 00:53, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>> The seccomp(2) syscall can be used by a task to apply a Landlock rule to
>> itself. As a seccomp filter, a Landlock rule is enforced for the current
>> task and all its fu
On 19/04/2017 00:23, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün <m...@digikod.net> wrote:
>> The semantic is unchanged. This will be useful for the Landlock
>> integration with seccomp (next commit).
>>
>> Signed-off-by: Mickaël Salaün &l
On 19/04/2017 00:23, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>> The semantic is unchanged. This will be useful for the Landlock
>> integration with seccomp (next commit).
>>
>> Signed-off-by: Mickaël Salaün
>> Cc: Kees Co
On 19/04/2017 00:17, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün <m...@digikod.net> wrote:
>> Handle 33 filesystem-related LSM hooks for the Landlock filesystem
>> event: LANDLOCK_SUBTYPE_EVENT_FS.
>>
>> A Landlock event wrap LSM hooks for
On 19/04/2017 00:17, Kees Cook wrote:
> On Tue, Mar 28, 2017 at 4:46 PM, Mickaël Salaün wrote:
>> Handle 33 filesystem-related LSM hooks for the Landlock filesystem
>> event: LANDLOCK_SUBTYPE_EVENT_FS.
>>
>> A Landlock event wrap LSM hooks for similar kernel object
On 29/03/2017 01:46, Mickaël Salaün wrote:
> Add a new type of eBPF program used by Landlock rules.
>
> This new BPF program type will be registered with the Landlock LSM
> initialization.
>
> Add an initial Landlock Kconfig.
>
> Changes since v5:
> * rename fil
On 29/03/2017 01:46, Mickaël Salaün wrote:
> Add a new type of eBPF program used by Landlock rules.
>
> This new BPF program type will be registered with the Landlock LSM
> initialization.
>
> Add an initial Landlock Kconfig.
>
> Changes since v5:
> * rename fil
On 10/04/2017 08:48, Djalal Harouni wrote:
> On Wed, Mar 29, 2017 at 1:46 AM, Mickaël Salaün <m...@digikod.net> wrote:
>> A landlocked process has less privileges than a non-landlocked process
>> and must then be subject to additional restrictions when manipulating
>&g
On 10/04/2017 08:48, Djalal Harouni wrote:
> On Wed, Mar 29, 2017 at 1:46 AM, Mickaël Salaün wrote:
>> A landlocked process has less privileges than a non-landlocked process
>> and must then be subject to additional restrictions when manipulating
>> processes. To be al
t;
> To: kbu...@01.org
> Cc: Julia Lawall <julia.law...@lip6.fr>
> Subject: Re: [PATCH net-next v6 01/11] bpf: Add eBPF program subtype and
> is_valid_subtype() verifier
>
> In-Reply-To: <20170328234650.19695-2-...@digikod.net>
> TO: "Mickaël Salaün" <m..
Julia Lawall
> Subject: Re: [PATCH net-next v6 01/11] bpf: Add eBPF program subtype and
> is_valid_subtype() verifier
>
> In-Reply-To: <20170328234650.19695-2-...@digikod.net>
> TO: "Mickaël Salaün"
>
> Hi Mickaël,
>
> [auto build test WARNIN
On 29/03/2017 12:35, Djalal Harouni wrote:
> On Wed, Mar 29, 2017 at 1:46 AM, Mickaël Salaün <m...@digikod.net> wrote:
>> @@ -25,6 +30,9 @@ struct seccomp_filter;
>> struct seccomp {
>> int mode;
>> struct seccomp_filter *filter;
>
On 29/03/2017 12:35, Djalal Harouni wrote:
> On Wed, Mar 29, 2017 at 1:46 AM, Mickaël Salaün wrote:
>> @@ -25,6 +30,9 @@ struct seccomp_filter;
>> struct seccomp {
>> int mode;
>> struct seccomp_filter *filter;
>> +#if defined(
@digikod.net
[3]
https://lkml.kernel.org/r/1477390454-12553-1-git-send-email-dan...@zonque.org
[4]
https://lkml.kernel.org/r/20160829114542.GA20836@ircssh.c.rugged-nimbus-611.internal
[5] https://lkml.kernel.org/r/20161221231506.19800-1-...@digikod.net
Regards,
Mickaël Salaün (11):
bpf: Add e
* with struct path* in map_landlock_handle
* add BPF protos
* fix bpf_landlock_cmp_fs_prop_with_struct_file()
Signed-off-by: Mickaël Salaün <m...@digikod.net>
Cc: Alexei Starovoitov <a...@kernel.org>
Cc: Andy Lutomirski <l...@amacapital.net>
Cc: Daniel Borkmann <dan...@iogea
@digikod.net
[3]
https://lkml.kernel.org/r/1477390454-12553-1-git-send-email-dan...@zonque.org
[4]
https://lkml.kernel.org/r/20160829114542.GA20836@ircssh.c.rugged-nimbus-611.internal
[5] https://lkml.kernel.org/r/20161221231506.19800-1-...@digikod.net
Regards,
Mickaël Salaün (11):
bpf: Add e
801 - 900 of 1481 matches
Mail list logo