Re: PR_SET_SECCOMP and PR_GET_SECCOMP doc (and bug?)

From: Valdis . Kletnieks
Date: Tue Jun 17 2008 - 12:12:44 EST

Next message: Yinghai Lu: "Re: [PATCH] x86: merge setup_memory_map with e820"
Previous message: Miklos Szeredi: "[2.6.26 patch] fuse: fix thinko in max I/O size calucation"
In reply to: Michael Kerrisk: "Re: PR_SET_SECCOMP and PR_GET_SECCOMP doc (and bug?)"
Next in thread: Andrea Arcangeli: "Re: PR_SET_SECCOMP and PR_GET_SECCOMP doc (and bug?)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 17 Jun 2008 15:32:29 +0200, Michael Kerrisk said:
> On Mon, Jun 16, 2008 at 6:25 PM, Andrea Arcangeli <andrea@xxxxxxxxxxxx> wrote:
> > On Mon, Jun 16, 2008 at 02:15:13PM +0200, Michael Kerrisk wrote:

> >> PR_GET_SECCOMP (since Linux 2.6.23)
> >> Return the secure computing mode of the calling thread.
> >> Not very useful: if the caller is not in secure computing
> >> mode, this operation returns 0; if the caller is in secure
> >> computing mode, then the prctl() call will cause a SIGKILL
> >> signal to be sent to the process. This operation is only
> >> available if the kernel is configured with CONFIG_SECCOMP
> >> enabled.

Would it make sense to change the text to read "Not very useful for the
current implementation of mode=1" and/or add that it may be useful for
future modes that allow prctl() modes other than 1?

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Yinghai Lu: "Re: [PATCH] x86: merge setup_memory_map with e820"
Previous message: Miklos Szeredi: "[2.6.26 patch] fuse: fix thinko in max I/O size calucation"
In reply to: Michael Kerrisk: "Re: PR_SET_SECCOMP and PR_GET_SECCOMP doc (and bug?)"
Next in thread: Andrea Arcangeli: "Re: PR_SET_SECCOMP and PR_GET_SECCOMP doc (and bug?)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]