On Thu, Mar 1, 2018 at 1:59 PM, Andy Lutomirski wrote:
> On Thu, Mar 1, 2018 at 9:51 PM, Sargun Dhillon wrote:
>> On Thu, Mar 1, 2018 at 9:44 AM, Andy Lutomirski wrote:
>>> On Wed, Feb 28, 2018 at 7:56 PM, Daniel Borkmann
On Thu, Mar 1, 2018 at 9:51 PM, Sargun Dhillon wrote:
> On Thu, Mar 1, 2018 at 9:44 AM, Andy Lutomirski wrote:
>> On Wed, Feb 28, 2018 at 7:56 PM, Daniel Borkmann
>> wrote:
>>> On 02/28/2018 12:55 AM, chris hyser wrote:
> On
On 03/01/2018 06:44 PM, Andy Lutomirski wrote:
> On Wed, Feb 28, 2018 at 7:56 PM, Daniel Borkmann wrote:
>> On 02/28/2018 12:55 AM, chris hyser wrote:
On 02/27/2018 04:58 PM, Daniel Borkmann wrote: >> On 02/27/2018 05:59 PM,
chris hyser wrote:
>> On 02/27/2018
On Thu, Mar 1, 2018 at 9:44 AM, Andy Lutomirski wrote:
> On Wed, Feb 28, 2018 at 7:56 PM, Daniel Borkmann wrote:
>> On 02/28/2018 12:55 AM, chris hyser wrote:
On 02/27/2018 04:58 PM, Daniel Borkmann wrote: >> On 02/27/2018 05:59 PM,
chris
On Wed, Feb 28, 2018 at 7:56 PM, Daniel Borkmann wrote:
> On 02/28/2018 12:55 AM, chris hyser wrote:
>>> On 02/27/2018 04:58 PM, Daniel Borkmann wrote: >> On 02/27/2018 05:59 PM,
>>> chris hyser wrote:
> On 02/27/2018 11:00 AM, Kees Cook wrote:
>> On Tue, Feb 27,
On 02/28/2018 02:56 PM, Daniel Borkmann wrote:
On 02/28/2018 12:55 AM, chris hyser wrote:
If you're implying that because seccomp would have it's own verifier and could therefore restrict itself to a subset of eBPF,
therefore any future additions/features to eBPF would not necessarily make
On 02/28/2018 12:55 AM, chris hyser wrote:
>> On 02/27/2018 04:58 PM, Daniel Borkmann wrote: >> On 02/27/2018 05:59 PM,
>> chris hyser wrote:
On 02/27/2018 11:00 AM, Kees Cook wrote:
> On Tue, Feb 27, 2018 at 6:53 AM, chris hyser
> wrote:
>> On
On 02/27/2018 04:58 PM, Daniel Borkmann wrote: >> On 02/27/2018 05:59 PM, chris
hyser wrote:
On 02/27/2018 11:00 AM, Kees Cook wrote:
On Tue, Feb 27, 2018 at 6:53 AM, chris hyser wrote:
On 02/26/2018 11:38 PM, Kees Cook wrote:
On Mon, Feb 26, 2018 at 8:19 PM, Andy
On Tue, Feb 27, 2018 at 11:10 PM, Mickaël Salaün wrote:
>
> On 27/02/2018 05:54, Andy Lutomirski wrote:
>>
>>
>>> On Feb 26, 2018, at 8:38 PM, Kees Cook wrote:
>>>
>>> On Mon, Feb 26, 2018 at 8:19 PM, Andy Lutomirski
>>> wrote:
On 27/02/2018 05:54, Andy Lutomirski wrote:
>
>
>> On Feb 26, 2018, at 8:38 PM, Kees Cook wrote:
>>
>> On Mon, Feb 26, 2018 at 8:19 PM, Andy Lutomirski wrote:
On Feb 26, 2018, at 3:20 PM, Kees Cook wrote:
On
On 02/27/2018 04:58 PM, Daniel Borkmann wrote:
On 02/27/2018 05:59 PM, chris hyser wrote:
On 02/27/2018 11:00 AM, Kees Cook wrote:
On Tue, Feb 27, 2018 at 6:53 AM, chris hyser wrote:
On 02/26/2018 11:38 PM, Kees Cook wrote:
On Mon, Feb 26, 2018 at 8:19 PM, Andy
On 02/27/2018 05:59 PM, chris hyser wrote:
> On 02/27/2018 11:00 AM, Kees Cook wrote:
>> On Tue, Feb 27, 2018 at 6:53 AM, chris hyser wrote:
>>> On 02/26/2018 11:38 PM, Kees Cook wrote:
On Mon, Feb 26, 2018 at 8:19 PM, Andy Lutomirski
wrote:
On 02/27/2018 02:19 PM, Kees Cook wrote:
On Tue, Feb 27, 2018 at 8:59 AM, chris hyser wrote:
I will try to find that discussion. As someone pointed out here though, eBPF
A good starting point might be this:
https://lwn.net/Articles/441232/
Thanks. A fair amount of
On Tue, Feb 27, 2018 at 8:59 AM, chris hyser wrote:
> On 02/27/2018 11:00 AM, Kees Cook wrote:
>>
>> On Tue, Feb 27, 2018 at 6:53 AM, chris hyser
>> wrote:
>>>
>>> On 02/26/2018 11:38 PM, Kees Cook wrote:
On Mon, Feb 26, 2018 at 8:19
On 02/27/2018 11:00 AM, Kees Cook wrote:
On Tue, Feb 27, 2018 at 6:53 AM, chris hyser wrote:
On 02/26/2018 11:38 PM, Kees Cook wrote:
On Mon, Feb 26, 2018 at 8:19 PM, Andy Lutomirski
wrote:
3. Straight-up bugs. Those are exactly as problematic
On Tue, Feb 27, 2018 at 6:53 AM, chris hyser wrote:
> On 02/26/2018 11:38 PM, Kees Cook wrote:
>>
>> On Mon, Feb 26, 2018 at 8:19 PM, Andy Lutomirski
>> wrote:
>>>
>>> 3. Straight-up bugs. Those are exactly as problematic as verifier
>>> bugs in any
On 02/26/2018 11:38 PM, Kees Cook wrote:
On Mon, Feb 26, 2018 at 8:19 PM, Andy Lutomirski wrote:
3. Straight-up bugs. Those are exactly as problematic as verifier
bugs in any other unprivileged eBPF program type, right? I don't see
why seccomp is special here.
My
On 02/27/2018 01:01 AM, Sargun Dhillon wrote:
> On Mon, Feb 26, 2018 at 3:04 PM, Alexei Starovoitov
> wrote:
>> On Mon, Feb 26, 2018 at 07:26:54AM +, Sargun Dhillon wrote:
>>> This patchset enables seccomp filters to be written in eBPF. Although, this
>>>
> On Feb 26, 2018, at 8:38 PM, Kees Cook wrote:
>
> On Mon, Feb 26, 2018 at 8:19 PM, Andy Lutomirski wrote:
>>> On Feb 26, 2018, at 3:20 PM, Kees Cook wrote:
>>>
>>> On Mon, Feb 26, 2018 at 3:04 PM, Alexei Starovoitov
>>>
On Mon, Feb 26, 2018 at 8:19 PM, Andy Lutomirski wrote:
>> On Feb 26, 2018, at 3:20 PM, Kees Cook wrote:
>>
>> On Mon, Feb 26, 2018 at 3:04 PM, Alexei Starovoitov
>> wrote:
On Mon, Feb 26, 2018 at 07:26:54AM +,
> On Feb 26, 2018, at 3:20 PM, Kees Cook wrote:
>
> On Mon, Feb 26, 2018 at 3:04 PM, Alexei Starovoitov
> wrote:
>>> On Mon, Feb 26, 2018 at 07:26:54AM +, Sargun Dhillon wrote:
>>> This patchset enables seccomp filters to be written in
On Mon, Feb 26, 2018 at 07:46:19PM -0800, Sargun Dhillon wrote:
> On Mon, Feb 26, 2018 at 5:01 PM, Tycho Andersen wrote:
> > On Mon, Feb 26, 2018 at 03:20:15PM -0800, Kees Cook wrote:
> >> On Mon, Feb 26, 2018 at 3:04 PM, Alexei Starovoitov
> >>
On Mon, Feb 26, 2018 at 5:01 PM, Tycho Andersen wrote:
> On Mon, Feb 26, 2018 at 03:20:15PM -0800, Kees Cook wrote:
>> On Mon, Feb 26, 2018 at 3:04 PM, Alexei Starovoitov
>> wrote:
>> > On Mon, Feb 26, 2018 at 07:26:54AM +, Sargun Dhillon wrote:
On Mon, Feb 26, 2018 at 03:20:15PM -0800, Kees Cook wrote:
> On Mon, Feb 26, 2018 at 3:04 PM, Alexei Starovoitov
> wrote:
> > On Mon, Feb 26, 2018 at 07:26:54AM +, Sargun Dhillon wrote:
> >> This patchset enables seccomp filters to be written in eBPF. Although,
On Mon, Feb 26, 2018 at 3:04 PM, Alexei Starovoitov
wrote:
> On Mon, Feb 26, 2018 at 07:26:54AM +, Sargun Dhillon wrote:
>> This patchset enables seccomp filters to be written in eBPF. Although, this
>> patchset doesn't introduce much of the functionality enabled
On Mon, Feb 26, 2018 at 3:04 PM, Alexei Starovoitov
wrote:
> On Mon, Feb 26, 2018 at 07:26:54AM +, Sargun Dhillon wrote:
>> This patchset enables seccomp filters to be written in eBPF. Although, this
>> [...]
> The main statement I want to hear from seccomp
On Mon, Feb 26, 2018 at 07:26:54AM +, Sargun Dhillon wrote:
> This patchset enables seccomp filters to be written in eBPF. Although, this
> patchset doesn't introduce much of the functionality enabled by eBPF, it lays
> the ground work for it. Currently, you have to disable CHECKPOINT_RESTORE
This patchset enables seccomp filters to be written in eBPF. Although, this
patchset doesn't introduce much of the functionality enabled by eBPF, it lays
the ground work for it. Currently, you have to disable CHECKPOINT_RESTORE
support in order to utilize eBPF seccomp filters, as eBPF filters
28 matches
Mail list logo