Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp3613009imm; Mon, 8 Oct 2018 06:55:40 -0700 (PDT) X-Google-Smtp-Source: ACcGV62Xib2+G3ipBR9dkSXm4wjVYhdVsrpZiclrEKG/944NWcwLtVAm/l2nklqcDz7LLrk09a5H X-Received: by 2002:aa7:86cc:: with SMTP id h12-v6mr24856312pfo.58.1539006940550; Mon, 08 Oct 2018 06:55:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539006940; cv=none; d=google.com; s=arc-20160816; b=08eNsfBTpOTjY3JkGdDWMwcWs6ffxs5rH3q4VoJQNaqLDzY6slSYuG0LiEydInCwXj 6+fR5tRYyf8GGG6Ar98eA08kVkx8MU54xglvIgW/RDCT6V7GOCbFkeTWxTMLpp2oiVm+ j9oANyKgIBVmvZa58Oy0+lTMULH3yenxNNtDoqogGht6UNzw+IQ2B6Urar+qKXnJRR3D 43k7i3ZnvOJAmbh3tDkXY/qbHFUTXSANhrcpPvrG6hEuL28oY3oYXXiFxAmyc/qHb2xP hjEQNCSanchDkeLNl2RCAMIi/n5zz2gx2wfbmo5QfrUklthTIu4fanwDTFSuNtCxFctc wIMA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=o3rL6KIbYioFnwDggds98JBn0aneQcoQd8W3ygd9nv0=; b=Jr8uwQtmQCcxWQ0IdXJwjSlZcyho+po2bMXgjJv61EPN9GV4KObnCOwD/uN6Hz4tdm y0K3EGQw0NoU3+0KUiJe3xQMcm9Khs5VrMfPp7kJkHFZLdbQvHbCSCIaGI1IP9CO9/Km pKgwZr56B1k3JUIMlTUn0ldxRFppBAQcex6bQwsfW6bvTL2PVr1wtdiPoXvtCnDyk51Q UhtyaFrQbJGIMLnpUh6yuUZWS6HNJRKJDoqbuM3dRq2cHjEV4W79xOCcEdJ7pSp69pw5 KEwNZOR8gMDeIO5QLyGwOLfLRYkEN7nJj+P28ggqcEK2jQ+xZGa15xgJLXszJWHvXHo5 A2jA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@brauner.io header.s=google header.b=TxBSYfjm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x186-v6si19130848pfx.19.2018.10.08.06.55.24; Mon, 08 Oct 2018 06:55:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@brauner.io header.s=google header.b=TxBSYfjm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726483AbeJHVHG (ORCPT + 99 others); Mon, 8 Oct 2018 17:07:06 -0400 Received: from mail-wr1-f66.google.com ([209.85.221.66]:41473 "EHLO mail-wr1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726278AbeJHVHG (ORCPT ); Mon, 8 Oct 2018 17:07:06 -0400 Received: by mail-wr1-f66.google.com with SMTP id x12-v6so20940725wru.8 for ; Mon, 08 Oct 2018 06:55:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brauner.io; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=o3rL6KIbYioFnwDggds98JBn0aneQcoQd8W3ygd9nv0=; b=TxBSYfjm7czmwd7jBZjaH2Fz01qgXwbJYn2gEp2FawBCCdyEldvdgYjdktjY+xid0j kjdL8crkW+ercC1lDsFigs8DvoPc3NpyMNDebzAyUsPiIBZBEWJt7T9lZR+9fel5yXgG xffX+QB+YU/gInQFoHZbI2pHGybsWsT1LhfdCkueF0VZUs9xgl8JWIR52cMMhBqX6arO oflqRhog9jEBl3iLRT4G9898UtfEvIAbY3zH0wQqFk2PaDiJCDrqclJA6tCQyUy37Mq0 dduZZKtoBTVkbosb4aOscViabbl2H9ALBRPShTt7Xy5RzaH4pra89hGFmnC5482LSZsl 8FoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=o3rL6KIbYioFnwDggds98JBn0aneQcoQd8W3ygd9nv0=; b=eFHhgWDXLdCcRSw9cUSZIuDpVNcD/R6FDUeeJCWTDf8U0GFhg7zX855nu/OrlUG/OG Jn8+Ng1l9fUQczSDUKVK0K4rN5+TaSWKhGNosdbNNcNNajXaSKQ3DkB0rbHyPRisNWpL IY5yJrbTCThxU9jAGCXa9PP+yLvr/HFK58iSo3a7zZZwIY61PZ/objp+/rm197UfmlOk nBgrbhX9khpCjYoQ7Qrn5ITTPLSmDu8QRkLLtNkG8bdouhLdsSX52bJTS1IiYHJnhlp4 VyuBoD/qIvKuTl/yjlF7iUQErTXGJfisOhryz00K60kJVcnBY+fDyshbwi65dUKBUvYk GzZQ== X-Gm-Message-State: ABuFfohOVUnyFMTdaD/Kp5k6DKBD5exE3OKO5k4ZxsVh22Up6tT5abiB g7wq4Mhz434vDPbNnoaTWFm9eSEDuw8= X-Received: by 2002:a05:6000:1105:: with SMTP id z5mr15888511wrw.136.1539006914224; Mon, 08 Oct 2018 06:55:14 -0700 (PDT) Received: from brauner.io (u-086-c052.eap.uni-tuebingen.de. [134.2.86.52]) by smtp.gmail.com with ESMTPSA id 134-v6sm3220404wmb.13.2018.10.08.06.55.13 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 08 Oct 2018 06:55:13 -0700 (PDT) Date: Mon, 8 Oct 2018 15:55:07 +0200 From: Christian Brauner To: Tycho Andersen Cc: Kees Cook , Jann Horn , linux-api@vger.kernel.org, containers@lists.linux-foundation.org, Akihiro Suda , Oleg Nesterov , linux-kernel@vger.kernel.org, "Eric W . Biederman" , linux-fsdevel@vger.kernel.org, Christian Brauner , Andy Lutomirski Subject: Re: [PATCH v7 2/6] seccomp: make get_nth_filter available outside of CHECKPOINT_RESTORE Message-ID: <20181008135506.xvee7twtmv263ogr@brauner.io> References: <20180927151119.9989-1-tycho@tycho.ws> <20180927151119.9989-3-tycho@tycho.ws> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20180927151119.9989-3-tycho@tycho.ws> User-Agent: NeoMutt/20180716 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Sep 27, 2018 at 09:11:15AM -0600, Tycho Andersen wrote: > In the next commit we'll use this same mnemonic to get a listener for the > nth filter, so we need it available outside of CHECKPOINT_RESTORE in the > USER_NOTIFICATION case as well. > > v2: new in v2 > v3: no changes > v4: no changes > v5: switch to CHECKPOINT_RESTORE || USER_NOTIFICATION to avoid warning when > only CONFIG_SECCOMP_FILTER is enabled. > v7: drop USER_NOTIFICATION bits > > Signed-off-by: Tycho Andersen > CC: Kees Cook > CC: Andy Lutomirski > CC: Oleg Nesterov > CC: Eric W. Biederman > CC: "Serge E. Hallyn" > CC: Christian Brauner > CC: Tyler Hicks > CC: Akihiro Suda Acked-by: Christian Brauner > --- > kernel/seccomp.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/kernel/seccomp.c b/kernel/seccomp.c > index fa6fe9756c80..44a31ac8373a 100644 > --- a/kernel/seccomp.c > +++ b/kernel/seccomp.c > @@ -1158,7 +1158,7 @@ long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) > return do_seccomp(op, 0, uargs); > } > > -#if defined(CONFIG_SECCOMP_FILTER) && defined(CONFIG_CHECKPOINT_RESTORE) > +#if defined(CONFIG_SECCOMP_FILTER) > static struct seccomp_filter *get_nth_filter(struct task_struct *task, > unsigned long filter_off) > { > @@ -1205,6 +1205,7 @@ static struct seccomp_filter *get_nth_filter(struct task_struct *task, > return filter; > } > > +#if defined(CONFIG_CHECKPOINT_RESTORE) > long seccomp_get_filter(struct task_struct *task, unsigned long filter_off, > void __user *data) > { > @@ -1277,7 +1278,8 @@ long seccomp_get_metadata(struct task_struct *task, > __put_seccomp_filter(filter); > return ret; > } > -#endif > +#endif /* CONFIG_CHECKPOINT_RESTORE */ > +#endif /* CONFIG_SECCOMP_FILTER */ > > #ifdef CONFIG_SYSCTL > > -- > 2.17.1 > > _______________________________________________ > Containers mailing list > Containers@lists.linux-foundation.org > https://lists.linuxfoundation.org/mailman/listinfo/containers