On Thu, 07 Nov 2013, Kees Cook wrote:
> On Thu, Nov 7, 2013 at 4:55 AM, Henrique de Moraes Holschuh
> wrote:
> > On Tue, 05 Nov 2013, Andy Lutomirski wrote:
> >> Maybe the thing to do is to put a warning in the config text for
> >> CONFIG_OABI_COMPAT that describes the problems (malicious
On Thu, Nov 7, 2013 at 4:55 AM, Henrique de Moraes Holschuh
wrote:
> On Tue, 05 Nov 2013, Andy Lutomirski wrote:
>> Maybe the thing to do is to put a warning in the config text for
>> CONFIG_OABI_COMPAT that describes the problems (malicious userspace
>> can confuse syscall auditors, strace,
On Tue, 05 Nov 2013, Andy Lutomirski wrote:
> Maybe the thing to do is to put a warning in the config text for
> CONFIG_OABI_COMPAT that describes the problems (malicious userspace
> can confuse syscall auditors, strace, etc.), change the "if in doubt"
> part to N, and disable seccomp filters if
On Tue, 05 Nov 2013, Andy Lutomirski wrote:
Maybe the thing to do is to put a warning in the config text for
CONFIG_OABI_COMPAT that describes the problems (malicious userspace
can confuse syscall auditors, strace, etc.), change the if in doubt
part to N, and disable seccomp filters if
On Thu, Nov 7, 2013 at 4:55 AM, Henrique de Moraes Holschuh
h...@hmh.eng.br wrote:
On Tue, 05 Nov 2013, Andy Lutomirski wrote:
Maybe the thing to do is to put a warning in the config text for
CONFIG_OABI_COMPAT that describes the problems (malicious userspace
can confuse syscall auditors,
On Thu, 07 Nov 2013, Kees Cook wrote:
On Thu, Nov 7, 2013 at 4:55 AM, Henrique de Moraes Holschuh
h...@hmh.eng.br wrote:
On Tue, 05 Nov 2013, Andy Lutomirski wrote:
Maybe the thing to do is to put a warning in the config text for
CONFIG_OABI_COMPAT that describes the problems (malicious
On Wed, Nov 6, 2013 at 2:30 PM, Matt Sealey wrote:
> On Tue, Nov 5, 2013 at 6:14 PM, Kees Cook wrote:
>>
>> Alternatively, CONFIG_SECCOMP_FILTER could depend on
>> !CONFIG_OABI_COMPAT. That seems like the least work, given the desire
>> to kill OABI in the real world. (Though I would note that
On Tue, Nov 5, 2013 at 6:14 PM, Kees Cook wrote:
>
> Alternatively, CONFIG_SECCOMP_FILTER could depend on
> !CONFIG_OABI_COMPAT. That seems like the least work, given the desire
> to kill OABI in the real world. (Though I would note that at least
> Ubuntu's ARM kernels build with
On Wed, Nov 06, 2013 at 01:26:52PM -0800, Kees Cook wrote:
> On Wed, Nov 6, 2013 at 1:20 PM, Will Drewry wrote:
> > On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
> > wrote:
> >> On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
> >>> On Tue, 2013-11-05 at 14:36 -0800, Andy
On Wed, Nov 6, 2013 at 1:26 PM, Kees Cook wrote:
> On Wed, Nov 6, 2013 at 1:20 PM, Will Drewry wrote:
>> On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
>> wrote:
>>> On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski
On Wed, Nov 6, 2013 at 1:20 PM, Will Drewry wrote:
> On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
> wrote:
>> On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
>>> On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
>>> > 1. Set a different audit arch for OABI
On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
wrote:
> On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
>> On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
>> > 1. Set a different audit arch for OABI syscalls (e.g.
>> > AUDIT_ARCH_ARMOABI). That is, treat OABI
On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
> On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
> > 1. Set a different audit arch for OABI syscalls (e.g.
> > AUDIT_ARCH_ARMOABI). That is, treat OABI syscall entries the same way
> > that x86_64 treats int 80.
>
> As the
On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
> [cc: some ARM people]
>
> After a bit of an adventure, I got QEMU working. (Linux 3.12's smc91x
> driver and qemu 1.6 don't get along. It would be great if some
> kernel.org page described a standard way to boot a modern Linux image
>
Russell King - ARM Linux writes:
> OABI compat was meant to allow a transition from OABI to EABI. While
> a lot of effort went in to the kernel side of that, which does allow
> OABI based userspace to boot with an EABI kernel, and allows OABI built
> test programs to run under an EABI kernel,
Russell King - ARM Linux writes:
OABI compat was meant to allow a transition from OABI to EABI. While
a lot of effort went in to the kernel side of that, which does allow
OABI based userspace to boot with an EABI kernel, and allows OABI built
test programs to run under an EABI kernel,
On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
[cc: some ARM people]
After a bit of an adventure, I got QEMU working. (Linux 3.12's smc91x
driver and qemu 1.6 don't get along. It would be great if some
kernel.org page described a standard way to boot a modern Linux image
on a
On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
1. Set a different audit arch for OABI syscalls (e.g.
AUDIT_ARCH_ARMOABI). That is, treat OABI syscall entries the same way
that x86_64 treats int 80.
As the audit
On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
li...@arm.linux.org.uk wrote:
On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
1. Set a different audit arch for OABI syscalls (e.g.
AUDIT_ARCH_ARMOABI). That is,
On Wed, Nov 6, 2013 at 1:20 PM, Will Drewry w...@chromium.org wrote:
On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
li...@arm.linux.org.uk wrote:
On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
1. Set a different
On Wed, Nov 6, 2013 at 1:26 PM, Kees Cook keesc...@chromium.org wrote:
On Wed, Nov 6, 2013 at 1:20 PM, Will Drewry w...@chromium.org wrote:
On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
li...@arm.linux.org.uk wrote:
On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
On
On Wed, Nov 06, 2013 at 01:26:52PM -0800, Kees Cook wrote:
On Wed, Nov 6, 2013 at 1:20 PM, Will Drewry w...@chromium.org wrote:
On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
li...@arm.linux.org.uk wrote:
On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
On Tue,
On Tue, Nov 5, 2013 at 6:14 PM, Kees Cook keesc...@chromium.org wrote:
Alternatively, CONFIG_SECCOMP_FILTER could depend on
!CONFIG_OABI_COMPAT. That seems like the least work, given the desire
to kill OABI in the real world. (Though I would note that at least
Ubuntu's ARM kernels build with
On Wed, Nov 6, 2013 at 2:30 PM, Matt Sealey n...@bakuhatsu.net wrote:
On Tue, Nov 5, 2013 at 6:14 PM, Kees Cook keesc...@chromium.org wrote:
Alternatively, CONFIG_SECCOMP_FILTER could depend on
!CONFIG_OABI_COMPAT. That seems like the least work, given the desire
to kill OABI in the real
On Tue, Nov 5, 2013 at 4:40 PM, Russell King - ARM Linux
wrote:
> On Tue, Nov 05, 2013 at 04:14:49PM -0800, Kees Cook wrote:
>> I would agree: option 1 seems cleanest of the 3. 3 is sort of like a
>> built-in automatic check for a mismatched arch, so maybe that works
>> better?
>>
>>
On Tue, Nov 05, 2013 at 04:14:49PM -0800, Kees Cook wrote:
> I would agree: option 1 seems cleanest of the 3. 3 is sort of like a
> built-in automatic check for a mismatched arch, so maybe that works
> better?
>
> Alternatively, CONFIG_SECCOMP_FILTER could depend on
> !CONFIG_OABI_COMPAT. That
On Tue, Nov 5, 2013 at 2:36 PM, Andy Lutomirski wrote:
> [cc: some ARM people]
>
> After a bit of an adventure, I got QEMU working. (Linux 3.12's smc91x
> driver and qemu 1.6 don't get along. It would be great if some
> kernel.org page described a standard way to boot a modern Linux image
> on
[cc: some ARM people]
After a bit of an adventure, I got QEMU working. (Linux 3.12's smc91x
driver and qemu 1.6 don't get along. It would be great if some
kernel.org page described a standard way to boot a modern Linux image
on a modern QEMU version, but I digress.)
The current state of
[cc: some ARM people]
After a bit of an adventure, I got QEMU working. (Linux 3.12's smc91x
driver and qemu 1.6 don't get along. It would be great if some
kernel.org page described a standard way to boot a modern Linux image
on a modern QEMU version, but I digress.)
The current state of
On Tue, Nov 5, 2013 at 2:36 PM, Andy Lutomirski l...@amacapital.net wrote:
[cc: some ARM people]
After a bit of an adventure, I got QEMU working. (Linux 3.12's smc91x
driver and qemu 1.6 don't get along. It would be great if some
kernel.org page described a standard way to boot a modern
On Tue, Nov 05, 2013 at 04:14:49PM -0800, Kees Cook wrote:
I would agree: option 1 seems cleanest of the 3. 3 is sort of like a
built-in automatic check for a mismatched arch, so maybe that works
better?
Alternatively, CONFIG_SECCOMP_FILTER could depend on
!CONFIG_OABI_COMPAT. That seems
On Tue, Nov 5, 2013 at 4:40 PM, Russell King - ARM Linux
li...@arm.linux.org.uk wrote:
On Tue, Nov 05, 2013 at 04:14:49PM -0800, Kees Cook wrote:
I would agree: option 1 seems cleanest of the 3. 3 is sort of like a
built-in automatic check for a mismatched arch, so maybe that works
better?
32 matches
Mail list logo