Re: [PATCH 2/2] RISC-V: Add support for SECCOMP
On Wed, Oct 24, 2018 at 2:42 PM, Kees Cook <keescook(a)chromium.org> wrote:
config HAVE_ARCH_SECCOMP_FILTER
bool
help
An arch should select this symbol if it provides all of these things:
- syscall_get_arch()
- syscall_get_arguments()
- syscall_rollback()
- syscall_set_return_value()
- SIGSYS siginfo_t support
- secure_computing is called from a ptrace_event()-safe context
- secure_computing return value is checked and a return value of -1
results in the system call being skipped immediately.
- seccomp syscall wired up
Oh, and I should add to this list, "passes
tools/testing/selftests/seccomp/seccomp_bpf test". :)
--
Kees Cook