seccomp: Document two-phase seccomp and arch-provided seccomp_data
The description of how archs should implement seccomp filters was still strictly correct, but it failed to describe the newly available optimizations. Signed-off-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: Kees Cook <keescook@chromium.org>
This commit is contained in:
parent
d39bd00dea
commit
ff27f38e0e
11
arch/Kconfig
11
arch/Kconfig
|
@ -323,6 +323,17 @@ config HAVE_ARCH_SECCOMP_FILTER
|
|||
results in the system call being skipped immediately.
|
||||
- seccomp syscall wired up
|
||||
|
||||
For best performance, an arch should use seccomp_phase1 and
|
||||
seccomp_phase2 directly. It should call seccomp_phase1 for all
|
||||
syscalls if TIF_SECCOMP is set, but seccomp_phase1 does not
|
||||
need to be called from a ptrace-safe context. It must then
|
||||
call seccomp_phase2 if seccomp_phase1 returns anything other
|
||||
than SECCOMP_PHASE1_OK or SECCOMP_PHASE1_SKIP.
|
||||
|
||||
As an additional optimization, an arch may provide seccomp_data
|
||||
directly to seccomp_phase1; this avoids multiple calls
|
||||
to the syscall_xyz helpers for every syscall.
|
||||
|
||||
config SECCOMP_FILTER
|
||||
def_bool y
|
||||
depends on HAVE_ARCH_SECCOMP_FILTER && SECCOMP && NET
|
||||
|
|
Loading…
Reference in New Issue