
Commit ff27f38e authored by Andy Lutomirski, committed by Kees Cook

seccomp: Document two-phase seccomp and arch-provided seccomp_data
The description of how archs should implement seccomp filters was
still strictly correct, but it failed to describe the newly
available optimizations.

Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
parent d39bd00d
+11 −0
@@ -323,6 +323,17 @@ config HAVE_ARCH_SECCOMP_FILTER
	    results in the system call being skipped immediately.
	  - seccomp syscall wired up

	  For best performance, an arch should use seccomp_phase1 and
	  seccomp_phase2 directly.  It should call seccomp_phase1 for all
	  syscalls if TIF_SECCOMP is set, but seccomp_phase1 does not
	  need to be called from a ptrace-safe context.  It must then
	  call seccomp_phase2 if seccomp_phase1 returns anything other
	  than SECCOMP_PHASE1_OK or SECCOMP_PHASE1_SKIP.

	  As an additional optimization, an arch may provide seccomp_data
	  directly to seccomp_phase1; this avoids multiple calls
	  to the syscall_xyz helpers for every syscall.

config SECCOMP_FILTER
	def_bool y
	depends on HAVE_ARCH_SECCOMP_FILTER && SECCOMP && NET
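Review bot: the new first paragraph tells an arch it must call seccomp_phase2 whenever seccomp_phase1 returns something other than SECCOMP_PHASE1_OK or SECCOMP_PHASE1_SKIP, but it never states what those two values mean for the pending syscall, what the arch does with the value seccomp_phase2 returns, or the context requirement for the second call. Since the text goes out of its way to say seccomp_phase1 "does not need to be called from a ptrace-safe context", the implied complementary rule for seccomp_phase2 should be written down, e.g. "seccomp_phase2 must be called from a ptrace-safe context, after which the arch acts on its return value", together with one line each for OK (run the syscall) and SKIP (skip it, as the name suggests). The second paragraph leaves "the syscall_xyz helpers" unnamed and does not say what to pass to seccomp_phase1 when the arch does not provide its own seccomp_data; naming the helpers and the fallback argument would let a port be checked against this text rather than against the implementation.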