Re: [patch] let CONFIG_SECCOMP default to n

> On Wed, 12 Jul 2006, Chuck Ebbert wrote:
> >
> > We can just fold the TSC disable stuff into the new thread_flags test
> > at context-switch time:

Great idea Chuck! We already use them in the syscall, it sounds like a
perfect fit ;).

On Wed, Jul 12, 2006 at 02:55:38PM -0700, Linus Torvalds wrote:
> 
> I really think that this should be cleaned up to _not_ confuse the issue 
> of TSC with any "secure computing" issue.
> 
> The two have nothing to do with each other from a technical standpoint. 
> 
> Just make the flag be called "TIF_NOTSC", and then any random usage 
> (whether it be seccomp or anything else) can just set that flag, the same 
> way ioperm() sets TIF_IO_BITMAP.
> 
> Much cleaner. 
> 
> There's no point in mixing up an implementation detail like SECCOMP with a 
> feature like this.

The only single advantage I can see in remaining purely in function of
seccomp instead of going in function of _TIF_NOTSC, is that the below
block would be completely optimized away at compile time when
CONFIG_SECCOMP is set to N. This now becomes a slow path, but then I'm
unsure if the anti-seccomp advocates can live with this block in the
slow path given that seccomp will be the only user of the feature. I
suspect they won't like it but then I could be wrong.

I like it either way.

	/*
	 * Context switch may need to tweak the TSC disable bit in CR4.
	 * The optimizer should remove this code when !CONFIG_SECCOMP.
	 */
	if (has_secure_computing(task_thread_info(prev_p)) ^
	    has_secure_computing(task_thread_info(next_p))) {
		/* prev and next are different */
		if (has_secure_computing(task_thread_info(next_p)))
			write_cr4(read_cr4() | X86_CR4_TSD);
		else
			write_cr4(read_cr4() & ~X86_CR4_TSD);
	}
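
The flag-based variant discussed in this message, modelled in user space as an added example (not code from the thread or from the kernel): CR4 is a plain variable, and the bit position of `TIF_NOTSC`, `struct task` and the helper names are assumptions made for illustration. Replaying a constructed schedule shows that CR4 is rewritten only on switches where the outgoing and incoming tasks differ in the flag.

```c
#include <stdio.h>

#define X86_CR4_TSD 0x0004UL   /* CR4 bit 2: RDTSC faults outside ring 0 */
#define TIF_NOTSC   (1UL << 0) /* bit position is an assumption of this model */

struct task { const char *name; unsigned long flags; }; /* hypothetical */

static unsigned long sim_cr4;   /* plain variable standing in for CR4 */
static unsigned int cr4_writes; /* times the slow path actually ran */

static void sim_write_cr4(unsigned long v) { sim_cr4 = v; cr4_writes++; }

/* Context-switch test keyed on the per-thread flag. */
static void switch_tsc(const struct task *prev, const struct task *next)
{
	if ((prev->flags ^ next->flags) & TIF_NOTSC) {
		/* prev and next are different: make CR4.TSD follow next */
		if (next->flags & TIF_NOTSC)
			sim_write_cr4(sim_cr4 | X86_CR4_TSD);
		else
			sim_write_cr4(sim_cr4 & ~X86_CR4_TSD);
	}
}

/* Replay a schedule. Returns the number of CR4 writes, or -1 if CR4.TSD
 * ever disagrees with the flag of the task that is about to run. */
static int run_schedule(const struct task *const *order, int n)
{
	sim_cr4 = (order[0]->flags & TIF_NOTSC) ? X86_CR4_TSD : 0;
	cr4_writes = 0;
	for (int i = 1; i < n; i++) {
		switch_tsc(order[i - 1], order[i]);
		if (!(sim_cr4 & X86_CR4_TSD) != !(order[i]->flags & TIF_NOTSC))
			return -1;
	}
	return (int)cr4_writes;
}

/* Constructed schedule: two ordinary tasks and one with the flag set. */
static const struct task task_a = { "a", 0 }, task_b = { "b", 0 };
static const struct task sandboxed = { "sandboxed", TIF_NOTSC };
static const struct task *const demo[] = {
	&task_a, &task_b, &sandboxed, &sandboxed, &task_a, &task_b,
};

static int demo_writes(void) { return run_schedule(demo, 6); }

int main(void) { printf("CR4 writes over 5 switches: %d\n", demo_writes()); return 0; }
```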