On 04/29/2013 02:18 PM, Nicolas Schichan wrote:
My solution also allows the seccomp jit code to be disabled while still
allowing jit on socket filters (via a Kconfig option). This might be useful to
some people.
Please disregard the above, I had missed the fact that the
BPF_S_ANC_SECCOMP_LD_W
On 04/26/2013 02:31 PM, Xi Wang wrote:
Thanks for the pointer.
For the ARM part, looks like Nicolas's patch requires to implement two
wrappers for each arch:
void seccomp_jit_compile(struct seccomp_filter *fp);
void seccomp_jit_free(struct seccomp_filter *fp);
The implementation of these
On 04/26/2013 02:31 PM, Xi Wang wrote:
On Fri, Apr 26, 2013 at 7:46 AM, Daniel Borkmann wrote:
I think BPF JIT for seccomp on ARM recently got applied to -mm tree
if I'm not mistaken. It was from Nicolas Schichan (cc):
http://thread.gmane.org/gmane.linux.ports.arm.kernel/233416/
Thanks for t
On Fri, Apr 26, 2013 at 7:46 AM, Daniel Borkmann wrote:
> I think BPF JIT for seccomp on ARM recently got applied to -mm tree
> if I'm not mistaken. It was from Nicolas Schichan (cc):
>
> http://thread.gmane.org/gmane.linux.ports.arm.kernel/233416/
Thanks for the pointer.
For the ARM part, looks
On Fri, Apr 26, 2013 at 7:46 AM, Heiko Carstens
wrote:
> And build fine on s390.
Thanks!
>> Btw. are there any test cases around for BPF JIT?
>> Not only for the new seccomp but also netfilter?
>
> This however is still a valid question.
Not sure about test cases for BPF JIT in general. I used
On 04/26/2013 01:25 PM, Heiko Carstens wrote:
On Fri, Apr 26, 2013 at 03:51:40AM -0400, Xi Wang wrote:
This patchset brings JIT support to seccomp filters for x86_64 and ARM.
It is against the net-next tree.
The current BPF JIT interface only accepts sk_filter, not seccomp_filter.
Patch 1/6 ref
On Fri, Apr 26, 2013 at 01:25:39PM +0200, Heiko Carstens wrote:
> On Fri, Apr 26, 2013 at 03:51:40AM -0400, Xi Wang wrote:
> > This patchset brings JIT support to seccomp filters for x86_64 and ARM.
> > It is against the net-next tree.
> >
> > The current BPF JIT interface only accepts sk_filter,
On Fri, Apr 26, 2013 at 03:51:40AM -0400, Xi Wang wrote:
> This patchset brings JIT support to seccomp filters for x86_64 and ARM.
> It is against the net-next tree.
>
> The current BPF JIT interface only accepts sk_filter, not seccomp_filter.
> Patch 1/6 refactors the interface to make it more ge
This patchset brings JIT support to seccomp filters for x86_64 and ARM.
It is against the net-next tree.
The current BPF JIT interface only accepts sk_filter, not seccomp_filter.
Patch 1/6 refactors the interface to make it more general.
With the refactored interface, patches 2/6 and 3/6 implemen
9 matches
Mail list logo
