Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp2985519pxb; Tue, 13 Apr 2021 15:34:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJySOSn/9MmzQClCLpvzXB9BHIV6QPnoPD0qctWx1xCSb5Gb8A4xjUoq4Ib241BrEkOxf+n7 X-Received: by 2002:a05:6402:34f:: with SMTP id r15mr36676416edw.195.1618353277296; Tue, 13 Apr 2021 15:34:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618353277; cv=none; d=google.com; s=arc-20160816; b=ojw+Pd9EASKgUsGKvwW3oxNTU82YGaYrnupcgjK5VOEQAEPkJ4LVbw4Xl0NfnofAn8 6I/cdiYdpTb/gYOBlJltQdS3hs/vJXG5QX+wxhZRPiocz8XmFxTrGd+PosxXZ5uVZxiv hMSJIefB/OvPSeSwnlfvdYlddz7Z0JlDSt3ZozH2lPO7r+Z+hl8/eJTNt0j0/6AzxYoo HZyXcNjjphgWlAT1n4DYu3PR5WUTU4sQ7IsB2Ybnq0Qh18Vf+tW3JJrNc7OOn5kVCGma YY4CvsdgC5T03q5oD533LfhR346KYUxWXsmEJFcyWLqVm7j29Eql9/OB7uzCx0P09HkW Tldw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=q2LuJhzVKZ4Otm2O8xgEBL/YvpN8rgKv4ejnz0lZhBQ=; b=VC86dS3ak7rQk0OdDHVGdmuH5M9zJID1gJ5l8pQ2oRgxZwhautjIdxnbTgfCLupjKZ sBhm73uN/+np55euF1uP7pY6gqjLzVgT9fwR5zi8nC8dzw+8S8RVlC4+/niBeSmX3/mN uBCeuPCnsTXoIyVgfI/yqtw1O5lRqefhjT0qmiUi9KN5uQCijBVmD22GuIkhCvyHS1xd zRWmbMkrss2pXWS/NStc4sqi0s3DyAF4tGL45W4Vfp+xly51a+6Zo1ew2GEBRtaz/0za XE70n+mdJGfB3tfB8iUqq+iRRl+K6wt5OdFdfckgtsVsY5xo9JiJraDEWWIjBHoGO0V9 CQXw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kinvolk.io header.s=google header.b="PO/bW2Fz"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kinvolk.io Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x1si11853643edl.430.2021.04.13.15.34.12; Tue, 13 Apr 2021 15:34:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kinvolk.io header.s=google header.b="PO/bW2Fz"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kinvolk.io Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347505AbhDMSDj (ORCPT + 99 others); Tue, 13 Apr 2021 14:03:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49426 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S242024AbhDMSDg (ORCPT ); Tue, 13 Apr 2021 14:03:36 -0400 Received: from mail-lj1-x22d.google.com (mail-lj1-x22d.google.com [IPv6:2a00:1450:4864:20::22d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C0659C061574 for ; Tue, 13 Apr 2021 11:03:13 -0700 (PDT) Received: by mail-lj1-x22d.google.com with SMTP id l14so17494095ljb.1 for ; Tue, 13 Apr 2021 11:03:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kinvolk.io; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=q2LuJhzVKZ4Otm2O8xgEBL/YvpN8rgKv4ejnz0lZhBQ=; b=PO/bW2FzQ6FzDgtNlCdHkJnMiT/9i4p/A90U8bBxxRlm7QtH1Avg7IzpZfFUhf35To +ZprUvd82vXwEvPh0u/Wi3KG3gk81wdPlFg/XLIPaP/wNf+1sF0XsbnBxxL1x6krTUNB oAhJcsICyl5wezmkkpndEaqZQAhKrbopebRWE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=q2LuJhzVKZ4Otm2O8xgEBL/YvpN8rgKv4ejnz0lZhBQ=; b=lylzW8qDZ1Fbv0OUoa2hEc9aBqYqT+Vzv1FIScXL6PFzUvS4XRB2SHkjMH8/brHSfi XVKEMZpjQVnVa9zXeGSLlINKgDGtgSbLrrsRMN4nugZDH8hw+7opOtm4Btf29loVTqVh iSXBofr+UJRbelNkVXG7f9ocWKCqVlO0uTo+XCsueVeUM6U3/HIsJeqP7m1DA3Rwx6KK rTk7QeI0EbIGPKaNokiV5/eemHLbTlTOhREwkuhrwKmoRFBrs0lPCf5sEZqjNXRhzmYW eKwhRWfwrehcbkCQOcLrk7J5Uqe6LzqJ7Y3fAvBF0LN1VdVNN6Za8bTuxy1thGRu2Fnj F0uQ== X-Gm-Message-State: AOAM533pojCSItRFSFD/XN6eEKJAAJ84j4lgf5PeEIiomXEB6rsa20+D U4OgJVIWOTKB7LPnNPVXIXqyaos1n3eAwnhOV9J9Qg== X-Received: by 2002:a2e:3013:: with SMTP id w19mr9815088ljw.97.1618336992322; Tue, 13 Apr 2021 11:03:12 -0700 (PDT) MIME-Version: 1.0 References: <20210413160151.3301-1-rodrigo@kinvolk.io> <20210413160151.3301-2-rodrigo@kinvolk.io> <20210413175355.kttgdouoyiykug5i@wittgenstein> In-Reply-To: <20210413175355.kttgdouoyiykug5i@wittgenstein> From: Rodrigo Campos Date: Tue, 13 Apr 2021 20:02:35 +0200 Message-ID: Subject: Re: [PATCH 1/1] seccomp: Always "goto wait" if the list is empty To: Christian Brauner Cc: Kees Cook , Andy Lutomirski , Will Drewry , LKML , Linux Containers , Sargun Dhillon , =?UTF-8?Q?Mauricio_V=C3=A1squez_Bernal?= , Alban Crequy , stable@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 13, 2021 at 7:54 PM Christian Brauner wrote: > > Fixes: 7cf97b1254550 > > Cc: stable@vger.kernel.org # 5.9+ > > Signed-off-by: Rodrigo Campos > > --- > > So the agent will see the return value from > wait_for_completion_interruptible() and know that the addfd wasn't > successful and the target will notice that no addfd request has actually > been added and essentially try again. Seems like a decent fix and can be Yes, exactly! > backported cleanly. I assume seccomp testsuite passes. Yes, seccomp selftests (tools/testing/selftests/seccomp/seccomp_bpf) passes fine > Acked-by: Christian Brauner Thanks!