twtiger / gosecco

Go seccomp parser and compiler
GNU Lesser General Public License v3.0

Blacklist kill if NR > X32_SYSCALL_BIT-1 #23

Closed chelseakomlo closed 8 years ago

chelseakomlo commented 8 years ago

In a blacklist, kill if NR > X32_SYSCALL_BIT-1

chelseakomlo commented 8 years ago

@olabini how do we know if a policy is a whitelist or blacklist? We don't have that distinction for a policy right now, just default positive and negative actions.

chelseakomlo commented 8 years ago

See #24

chelseakomlo commented 8 years ago

I believe this could be related to #20 - we only compare syscalls to the current syscall (32 bits)

olabini commented 8 years ago

Hm. There is something more I think.

olabini commented 8 years ago

I think we should make what happens here customizable. Basically, we should have a parameter X32_ABI_action that triggers if the X32_SYSCALL_BIT is set.

olabini commented 8 years ago

That should give the same behavior, if you compile with "kill" as the x32_abi_action.
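
The check this thread settles on, as an added example that is not gosecco's own code: a blacklist compiled to classic BPF that returns the configurable x32 action (here "kill") whenever the syscall number is above X32_SYSCALL_BIT-1, followed by a small interpreter so the filter can be exercised without loading it into the kernel. Opcode values, struct offsets and SECCOMP_RET_* values are the kernel's; the names Blacklist, Run and insn are chosen here.

```go
package main

// Classic-BPF opcodes (<linux/bpf_common.h>) and x86_64 seccomp constants.
const (
	opLdAbs, opJeqK, opJgeK, opRetK = 0x20, 0x15, 0x35, 0x06 // LD|W|ABS, JMP|JEQ|K, JMP|JGE|K, RET|K
	X32_SYSCALL_BIT, AUDIT_ARCH_X86_64 = 0x40000000, 0xC000003E
	SECCOMP_RET_KILL, SECCOMP_RET_ALLOW = 0x00000000, 0x7fff0000
	offNr, offArch = 0, 4 // offsetof(struct seccomp_data, nr) and (..., arch)
)
// insn is one struct sock_filter; jt/jf are jumps relative to the next instruction.
type insn struct{ code uint16; jt, jf uint8; k uint32 }
// Blacklist compiles: wrong arch -> KILL; nr > X32_SYSCALL_BIT-1 -> x32Action; listed nr -> KILL; else ALLOW.
func Blacklist(blocked []uint32, x32Action uint32) []insn {
	prog := []insn{
		{opLdAbs, 0, 0, offArch},
		{opJeqK, 1, 0, AUDIT_ARCH_X86_64},
		{opRetK, 0, 0, SECCOMP_RET_KILL},
		{opLdAbs, 0, 0, offNr},
		{opJgeK, 0, 1, X32_SYSCALL_BIT}, // x32 ABI syscall numbers carry bit 30
		{opRetK, 0, 0, x32Action},
	}
	for _, nr := range blocked {
		prog = append(prog, insn{opJeqK, 0, 1, nr}, insn{opRetK, 0, 0, SECCOMP_RET_KILL})
	}
	return append(prog, insn{opRetK, 0, 0, SECCOMP_RET_ALLOW})
}
// Run interprets a filter over seccomp_data{nr, arch} as the kernel does (Blacklist output always ends in RET).
func Run(prog []insn, nr, arch uint32) uint32 {
	var acc uint32
	for pc := 0; ; pc++ {
		switch in := prog[pc]; in.code {
		case opLdAbs:
			acc = [2]uint32{nr, arch}[in.k/4] // offset 0 -> nr, offset 4 -> arch
		case opRetK:
			return in.k
		case opJeqK, opJgeK:
			if (in.code == opJeqK && acc == in.k) || (in.code == opJgeK && acc >= in.k) {
				pc += int(in.jt)
			} else {
				pc += int(in.jf)
			}
		}
	}
}

func main() {
	prog := Blacklist([]uint32{1}, SECCOMP_RET_KILL) // block write(2); kill on x32 numbers
	println(Run(prog, 1, AUDIT_ARCH_X86_64), Run(prog, 1|X32_SYSCALL_BIT, AUDIT_ARCH_X86_64))
}
```

Without the JGE step, write(2) requested through the x32 ABI (nr = 1 | X32_SYSCALL_BIT) never matches the listed number 1 and falls through to the positive default, which is exactly the gap the issue title describes.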

olabini commented 8 years ago

This is done now.