From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Sargun Dhillon, Tycho Andersen, Christian Brauner, Kees Cook
Subject: [PATCH 5.10 051/252] Documentation: seccomp: Fix user notification documentation
Date: Mon, 31 May 2021 15:11:56 +0200
Message-Id: <20210531130659.708382653@linuxfoundation.org>

From: Sargun Dhillon

commit aac902925ea646e461c95edc98a8a57eb0def917 upstream.

The documentation had some previously incorrect information about how userspace notifications (and responses) were handled due to a change from a previously proposed patchset.

Signed-off-by: Sargun Dhillon
Acked-by: Tycho Andersen
Acked-by: Christian Brauner
Signed-off-by: Kees Cook
Fixes: 6a21cc50f0c7 ("seccomp: add a return code to trap to userspace")
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20210517193908.3113-2-sargun@sargun.me
Signed-off-by: Greg Kroah-Hartman
--- Documentation/userspace-api/seccomp_filter.rst | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) --- a/Documentation/userspace-api/seccomp_filter.rst +++ b/Documentation/userspace-api/seccomp_filter.rst
@@ -250,14 +250,14 @@ Users can read via ``ioctl(SECCOMP_IOCTL seccomp notification fd to receive a ``struct seccomp_notif``, which contains five members: the input length of the structure, a unique-per-filter ``id``, the ``pid`` of the task which triggered this request (which may be 0 if the -task is in a pid ns not visible from the listener's pid namespace), a ``flags`` -member which for now only has ``SECCOMP_NOTIF_FLAG_SIGNALED``, representing -whether or not the notification is a result of a non-fatal signal, and the -``data`` passed to seccomp. Userspace can then make a decision based on this -information about what to do, and ``ioctl(SECCOMP_IOCTL_NOTIF_SEND)`` a -response, indicating what should be returned to userspace. The ``id`` member of -``struct seccomp_notif_resp`` should be the same ``id`` as in ``struct -seccomp_notif``. +task is in a pid ns not visible from the listener's pid namespace). The +notification also contains the ``data`` passed to seccomp, and a filters flag. +The structure should be zeroed out prior to calling the ioctl. + +Userspace can then make a decision based on this information about what to do, +and ``ioctl(SECCOMP_IOCTL_NOTIF_SEND)`` a response, indicating what should be +returned to userspace. The ``id`` member of ``struct seccomp_notif_resp`` should +be the same ``id`` as in ``struct seccomp_notif``. It is worth noting that ``struct seccomp_data`` contains the values of register arguments to the syscall, but does not contain pointers to memory. The task's
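Review bot: "a filters flag" in the added sentence "The notification also contains the ``data`` passed to seccomp, and a filters flag." is too vague for a reader to act on. The removed text named the ``flags`` member and its one defined value; the replacement neither names the member in literal markup nor says what it carries, so it is unclear whether this is a field of the notification or something set on the filter. Suggest naming it as ``flags`` and stating what a listener should expect to find there. The unchanged lead-in still reads "contains five members: the input length of the structure, ...", so that enumeration should be rechecked against whatever wording is chosen. The added "The structure should be zeroed out prior to calling the ioctl." would also be clearer if it named the receive ioctl explicitly and said what the caller sees when the structure is not zeroed.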