Received: by 2002:a25:ef43:0:0:0:0:0 with SMTP id w3csp728965ybm; Fri, 29 May 2020 10:42:47 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwRtgbDSzfmrjvvVwQH/65kny4JXMuDjyoxIreOkjX0i+W9HoyGsFdnDULlNYWlgt9MdE4A X-Received: by 2002:aa7:db4c:: with SMTP id n12mr9079176edt.99.1590774167113; Fri, 29 May 2020 10:42:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590774167; cv=none; d=google.com; s=arc-20160816; b=nExel2dLkK2xNZhVjEdvYs6h8W790SlqKTOVFhvXLWCpmKMxsjLT24SDZEk72Df7jN IcwrxEE9UzPAQjE5loRzP2q344RfKnf+VEGWzise7JUc9HZm2YzLlj2yObyx1PLht42w W8ikPu+ddbFpTBJxnO1w0u814XF+lc/mOEhKpE5Z9nzvqcvTIHOh9ngwz2ewbNTgZiNM bYRofuE9wJmL8P0IZfPyoFt6cHMhjIH2sVgwvnOcK8Uqm9xqrAkT8bp9XTP/Mhl8KIQa IZT5Cw0qlH1ymoV5Cowp2SdHZYK+8Mgh7a81FN7JvdRwAt7RCpuiKC6zWnO3zIc8GjmW QE5g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=IQ3iFEKFTT0T49yh4ldw9sr179JaOXukpKkehgAJD9U=; b=tZPxTDTUjqOoaYJjAKnFO+MUR2RMjNGB75oZHHE3PNDVsMw9HzCV5pRV1nLTAAOK80 95Y34PmayKiBug3Hn1Qm0qNZokHeTadZ804gjDbqblasnFv4gbAxQ3OGZuuGlbCqwZeX bW+yQb98X1wXecIDbblaP7/fFPw8RTWwW1SNGR1B/dIw1fqEio5WUTY8Q44d/t9s5zjr YxXjSl+Dtyh/mgpBu1mJ2LllqcFnkFNKiWkvHGiYOnZgrKjF+bHaU65jRKXpIDZMlwVQ FCoNNC4fauU8Niw359m42Ry1Rbl7xE5fHvV+5+2M6N6owt8Wjsgby23jIsGhVBxLLiwS YTkg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b=C+K3vrF2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id z24si6203889ejf.584.2020.05.29.10.42.23; Fri, 29 May 2020 10:42:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@sargun.me header.s=google header.b=C+K3vrF2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726887AbgE2Rkm (ORCPT + 99 others); Fri, 29 May 2020 13:40:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42192 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726487AbgE2Rkl (ORCPT ); Fri, 29 May 2020 13:40:41 -0400 Received: from mail-il1-x141.google.com (mail-il1-x141.google.com [IPv6:2607:f8b0:4864:20::141]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 540FAC03E969 for ; Fri, 29 May 2020 10:40:41 -0700 (PDT) Received: by mail-il1-x141.google.com with SMTP id 9so3250435ilg.12 for ; Fri, 29 May 2020 10:40:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sargun.me; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=IQ3iFEKFTT0T49yh4ldw9sr179JaOXukpKkehgAJD9U=; b=C+K3vrF2R7sIGHajRN6wGA0vOi1wE/i5UrVTy17UMxKAFZpsLjFOGMHvOXkc+wMmoZ YJ3Mgn72jbaG3hJTHwLRMojjteM19g2Au2KaiMUBIM7bkV8b8hsT+UzDooXE1QdW51lX VCIKIzTR5AbqjIrhgcxmOWVlJKsZ5blp+SuxM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=IQ3iFEKFTT0T49yh4ldw9sr179JaOXukpKkehgAJD9U=; b=VdR97yEVa2LgQYSd2/eCj4nV+5MMPQVCmzn1zvAdJ8N3R/SlPp5Mv/p2MvSgRl33QD Jj0uJHST/OPSTTzZyrogxplbunlCXketgZu7mWytI4+eiAvJeFuoDrgH2kV0sGJ9C+rB Zv0QXVLdd6+QVs9gf7F65RhYuzPfPgU99yia6nVQ6x3+ZqKcpSPR1sBmDahL5MohXpwF QlMhdmVfsgGwQ0a+I+1xeAy4lrS3PEYQ/F5iFpFYhbUrK/SKr3467diDyZrHcesQCFnA bwC81oDzGnKiUR1kRp46Fc/22budliay1lHUzzTmWNRX8RidCGvXkYs5E1Sq8Sh9RjWb Sz7w== X-Gm-Message-State: AOAM532nxBhPwm7P/M3SZqrTUsUKtekpAz3OCPA6xyr4EVrO7nvQJi5F PkPPM7lYmf2TlO/Jo/DDe6eAtA== X-Received: by 2002:a92:8dd2:: with SMTP id w79mr8613220ill.239.1590774040468; Fri, 29 May 2020 10:40:40 -0700 (PDT) Received: from ircssh-2.c.rugged-nimbus-611.internal (80.60.198.104.bc.googleusercontent.com. [104.198.60.80]) by smtp.gmail.com with ESMTPSA id 199sm5407708ilb.11.2020.05.29.10.40.39 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 29 May 2020 10:40:39 -0700 (PDT) Date: Fri, 29 May 2020 17:40:38 +0000 From: Sargun Dhillon To: Kees Cook Cc: christian.brauner@ubuntu.com, containers@lists.linux-foundation.org, cyphar@cyphar.com, jannh@google.com, jeffv@google.com, linux-api@vger.kernel.org, linux-kernel@vger.kernel.org, palmer@google.com, rsesek@google.com, tycho@tycho.ws, Matt Denton Subject: Re: [PATCH v2 1/3] seccomp: Add find_notification helper Message-ID: <20200529174037.GA11153@ircssh-2.c.rugged-nimbus-611.internal> References: <20200528110858.3265-1-sargun@sargun.me> <20200528110858.3265-2-sargun@sargun.me> <202005282319.2BA6AD88@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202005282319.2BA6AD88@keescook> User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > > While the comment is good, let's actually enforce this with: > > if (WARN_ON(!mutex_is_locked(&filter->notif_lock))) > return NULL; > I don't see much use of lockdep in seccomp (well, any), but wouldn't a stronger statement be to use lockdep, and just have: lockdep_assert_held(&filter->notify_lock); As that checks that the lock is held by the current task. Although, that does put this check behind lockdep, which means that running in "normal" circumstances is less safe (but faster?).