Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CABXk95CvE7O8ZL864AoVtKA7XqA_XaxA66Zz5ncpDWFSO7C19Q@mail.gmail.com>
Date: Thu, 28 Jan 2016 19:03:57 -0800
From: Jeffrey Vander Stoep <jeffv@...gle.com>
To: Andy Lutomirski <luto@...capital.net>, Kees Cook <keescook@...omium.org>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Oleg Nesterov <oleg@...hat.com>, 
	Will Drewry <wad@...omium.org>, "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>, 
	Linux API <linux-api@...r.kernel.org>, 
	LSM List <linux-security-module@...r.kernel.org>, 
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: [RFC][PATCH] seccomp: add SECCOMP_RET_ACK for non-fatal SIGSYS

Thanks! This is just what I need.

What are the drawbacks to returning the sigsys before executing the
system call? Otherwise this loses the benefit of properly reporting
registers for argument inspection.

How about SECCOMP_RET_PERMISSIVE? Describes the application rather
than the implementation. Otherwise preference is for
SECCOMP_RET_ALLOW_SIGSYS.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.