Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 13 Aug 2011 19:19:47 +0400
From: Solar Designer <>
Subject: Re: 32/64 bitness restriction for pid namespace


On Sat, Aug 13, 2011 at 07:12:20PM +0400, Vasiliy Kulikov wrote:
> Re: slowdown - my assumptions are:
> 1) we don't want any slowdown for legitimate tasks - 64 bit tasks for 64
> bit containers and 32 bit tasks for 32 bit containers.
> 2) slowdown of malicious (or broken) tasks is not important.


> /* work to do in syscall_trace_enter() */
> So, there is a mask, which is used to identify whether a syscall needs
> additional pre/post processing.  If divide syscall_trace_enter() into 3
> functions, we'll get what we want.  This will result in zero impact on
> the legitimate code (relavite to current behaviour).
> One drawback - *tracesys clobbers EAX/RAX, so I still have to patch asm.

I haven't looked into the detail of this, but in general I like the
approach of reusing a check that is already in the code.  Please proceed
with this.



Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.