Re: [PATCH 4/7] seccomp_filter: add process state reporting

From: Will Drewry
Date: Mon May 02 2011 - 06:08:37 EST

Next message: KOSAKI Motohiro: "Re: [RFC][PATCH] mm: cut down __GFP_NORETRY page allocation failures"
Previous message: Meelis Roos: "Warning at block/genhd.c:1556 disk_clear_events"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 28, 2011 at 3:54 PM, James Morris <jmorris@xxxxxxxxx> wrote:
> On Wed, 27 Apr 2011, Will Drewry wrote:
>
>> > Can't you make individual seccomp specific file?
>>
>> Definitely. Would it make sense to have /proc/<pid>/seccomp and
>> /proc/<pid>/seccomp_filter?
>
> Do you need the separate seccomp file vs. just checking what's in
> seccomp_filter ?

Initially, I would've said yes, because I had modeled it such that any
entries in /proc/<pid>/seccomp_filter could be fed right back into as
filters. However, as I've reworked it from Frederic and other's
feedback, I don't need to keep the separation - all the relevant info
can just be in seccomp_filter and no secondary file will be useful.

Thanks for pointing it out! I'm tracking down what is, no doubt, a
dumb bug (still), but once I sort it, I'll repost the series with this
change included.

Cheers!
will
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: KOSAKI Motohiro: "Re: [RFC][PATCH] mm: cut down __GFP_NORETRY page allocation failures"
Previous message: Meelis Roos: "Warning at block/genhd.c:1556 disk_clear_events"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]