Re: [PATCH V2 1/3] seccomp: add generic code for jitted seccomp filters.

From: Will Drewry
Date: Thu Apr 04 2013 - 15:58:54 EST

Next message: Steffen Persvold: "Re: [PATCH] x86, amd, mce: Prevent potential cpu-online oops"
Previous message: Gilad Ben-Yossef: "Re: [RFC GIT PULL] nohz: Kconfig layout improvements"
In reply to: Kees Cook: "Re: [PATCH V2 1/3] seccomp: add generic code for jitted seccomp filters."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Apr 1, 2013 at 4:53 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> On Mon, Mar 18, 2013 at 7:50 AM, Nicolas Schichan <nschichan@xxxxxxxxxx> wrote:
>> Architecture must select HAVE_SECCOMP_FILTER_JIT and implement
>> seccomp_jit_compile() and seccomp_jit_free() if they intend to support
>> jitted seccomp filters.
>>
>> struct seccomp_filter has been moved to <linux/seccomp.h> to make its
>> content available to the jit compilation code.
>>
>> In a way similar to the net BPF, the jit compilation code is expected
>> to updates struct seccomp_filter.bpf_func pointer to the generated
>> code.
>>
>> Signed-off-by: Nicolas Schichan <nschichan@xxxxxxxxxx>
>
> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
>
> I'd love to see this for x86 too. I suspect it'd be a small change
> after this series lands.

Agreed - and thanks for working through the necessary changes!

Acked-By: Will Drewry <wad@xxxxxxxxxxxx>
(for the series)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Steffen Persvold: "Re: [PATCH] x86, amd, mce: Prevent potential cpu-online oops"
Previous message: Gilad Ben-Yossef: "Re: [RFC GIT PULL] nohz: Kconfig layout improvements"
In reply to: Kees Cook: "Re: [PATCH V2 1/3] seccomp: add generic code for jitted seccomp filters."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]