Re: [RFC 0/3] seccomp trap to userspace

2018-03-16 Thread Christian Brauner
On Fri, Mar 16, 2018 at 09:01:47AM -0700, Andy Lutomirski wrote: > > > > On Mar 16, 2018, at 7:47 AM, Christian Brauner > > wrote: > > > >> On Fri, Mar 16, 2018 at 12:46:55AM +, Andy Lutomirski wrote: > > > I bet I confused everyone with a blatant typo: > > >> > >> Hmm, I think we

Re: [RFC 0/3] seccomp trap to userspace

2018-03-16 Thread Andy Lutomirski
> On Mar 16, 2018, at 7:47 AM, Christian Brauner > wrote: > >> On Fri, Mar 16, 2018 at 12:46:55AM +, Andy Lutomirski wrote: I bet I confused everyone with a blatant typo: >> >> Hmm, I think we have to be very careful to avoid nasty races. I think >> the correct approach is to notice

Re: [RFC 0/3] seccomp trap to userspace

2018-03-16 Thread Christian Brauner
On Fri, Mar 16, 2018 at 12:46:55AM +, Andy Lutomirski wrote: > On Thu, Mar 15, 2018 at 5:35 PM, Tycho Andersen wrote: > > Hi Andy, > > > > On Thu, Mar 15, 2018 at 05:11:32PM +, Andy Lutomirski wrote: > >> On Thu, Mar 15, 2018 at 5:05 PM, Serge E. Hallyn wrote: > >> > Hm, synchronously -

Re: [RFC 0/3] seccomp trap to userspace

2018-03-15 Thread Andy Lutomirski
On Thu, Mar 15, 2018 at 5:35 PM, Tycho Andersen wrote: > Hi Andy, > > On Thu, Mar 15, 2018 at 05:11:32PM +, Andy Lutomirski wrote: >> On Thu, Mar 15, 2018 at 5:05 PM, Serge E. Hallyn wrote: >> > Hm, synchronously - that brings to mind a thought... I should re-look at >> > Tycho's patches

Re: [RFC 0/3] seccomp trap to userspace

2018-03-15 Thread Tycho Andersen
Hi Andy, On Thu, Mar 15, 2018 at 05:11:32PM +, Andy Lutomirski wrote: > On Thu, Mar 15, 2018 at 5:05 PM, Serge E. Hallyn wrote: > > Hm, synchronously - that brings to mind a thought... I should re-look at > > Tycho's patches first, but, if I'm in a container, start some syscall that > >

Re: [RFC 0/3] seccomp trap to userspace

2018-03-15 Thread Andy Lutomirski
On Thu, Mar 15, 2018 at 5:25 PM, Christian Brauner wrote: > On Thu, Mar 15, 2018 at 05:11:32PM +, Andy Lutomirski wrote: >> On Thu, Mar 15, 2018 at 5:05 PM, Serge E. Hallyn wrote: >> > Quoting Andy Lutomirski (l...@kernel.org): >> >> On Thu, Mar 15, 2018 at 4:09 PM, Christian Brauner >> >>

Re: [RFC 0/3] seccomp trap to userspace

2018-03-15 Thread Christian Brauner
On Thu, Mar 15, 2018 at 05:11:32PM +, Andy Lutomirski wrote: > On Thu, Mar 15, 2018 at 5:05 PM, Serge E. Hallyn wrote: > > Quoting Andy Lutomirski (l...@kernel.org): > >> On Thu, Mar 15, 2018 at 4:09 PM, Christian Brauner > >> wrote: > >> > On Sun, Feb 04, 2018 at 11:49:43AM +0100, Tycho

Re: [RFC 0/3] seccomp trap to userspace

2018-03-15 Thread Andy Lutomirski
On Thu, Mar 15, 2018 at 5:05 PM, Serge E. Hallyn wrote: > Quoting Andy Lutomirski (l...@kernel.org): >> On Thu, Mar 15, 2018 at 4:09 PM, Christian Brauner >> wrote: >> > On Sun, Feb 04, 2018 at 11:49:43AM +0100, Tycho Andersen wrote: >> >> Several months ago at Linux Plumber's, we had a

Re: [RFC 0/3] seccomp trap to userspace

2018-03-15 Thread Serge E. Hallyn
Quoting Andy Lutomirski (l...@kernel.org): > On Thu, Mar 15, 2018 at 4:09 PM, Christian Brauner > wrote: > > On Sun, Feb 04, 2018 at 11:49:43AM +0100, Tycho Andersen wrote: > >> Several months ago at Linux Plumber's, we had a discussion about adding a > >> feature to seccomp which would allow

Re: [RFC 0/3] seccomp trap to userspace

2018-03-15 Thread Andy Lutomirski
On Thu, Mar 15, 2018 at 4:09 PM, Christian Brauner wrote: > On Sun, Feb 04, 2018 at 11:49:43AM +0100, Tycho Andersen wrote: >> Several months ago at Linux Plumber's, we had a discussion about adding a >> feature to seccomp which would allow seccomp to trigger a notification for >> some >> other

Re: [RFC 0/3] seccomp trap to userspace

2018-03-15 Thread Christian Brauner
On Sun, Feb 04, 2018 at 11:49:43AM +0100, Tycho Andersen wrote: > Several months ago at Linux Plumber's, we had a discussion about adding a > feature to seccomp which would allow seccomp to trigger a notification for > some > other process. Here's a draft of that feature. > > Patch 1 contains

[RFC 0/3] seccomp trap to userspace

2018-02-04 Thread Tycho Andersen
Several months ago at Linux Plumber's, we had a discussion about adding a feature to seccomp which would allow seccomp to trigger a notification for some other process. Here's a draft of that feature. Patch 1 contains the bulk of it, patches 2 & 3 offer an alternative way to acquire the fd that
