On Thu, Jun 9, 2016 at 3:52 PM, Andy Lutomirski wrote:
> On Thu, Jun 9, 2016 at 2:01 PM, Kees Cook wrote:
>> This moves seccomp after ptrace on x86 to that seccomp can catch changes
>> made by ptrace. Emulation should skip the rest of processing too.
>>
>> We can get rid of test_thread_flag becau
On Thu, Jun 9, 2016 at 3:52 PM, Andy Lutomirski wrote:
> On Thu, Jun 9, 2016 at 2:01 PM, Kees Cook wrote:
>> This moves seccomp after ptrace on x86 to that seccomp can catch changes
>> made by ptrace. Emulation should skip the rest of processing too.
>>
>> We can get rid of test_thread_flag becau
On Thu, Jun 9, 2016 at 2:01 PM, Kees Cook wrote:
> This moves seccomp after ptrace on x86 to that seccomp can catch changes
> made by ptrace. Emulation should skip the rest of processing too.
>
> We can get rid of test_thread_flag because there's no longer any
> opportunity for seccomp to mess wit
This moves seccomp after ptrace on x86 to that seccomp can catch changes
made by ptrace. Emulation should skip the rest of processing too.
We can get rid of test_thread_flag because there's no longer any
opportunity for seccomp to mess with ptrace state before invoking
ptrace.
Suggested-by: Andy
