Re: [PATCH v1] seccomp: simplify secure_computing()

From: Kees Cook
Date: Thu Oct 10 2019 - 17:53:28 EST


On Tue, Sep 24, 2019 at 08:44:20AM +0200, Christian Brauner wrote:
> Afaict, the struct seccomp_data argument to secure_computing() is unused
> by all current callers. So let's remove it.
> The argument was added in [1]. It was added because having the arch
> supply the syscall arguments used to be faster than having it done by
> secure_computing() (cf. Andy's comment in [2]). This is not true anymore
> though.

Yes; thanks for cleaning this up!

> diff --git a/arch/s390/kernel/ptrace.c b/arch/s390/kernel/ptrace.c
> index ad71132374f0..ed80bdfbf5fe 100644
> --- a/arch/s390/kernel/ptrace.c
> +++ b/arch/s390/kernel/ptrace.c
> @@ -439,7 +439,7 @@ static int poke_user(struct task_struct *child, addr_t addr, addr_t data)
> long arch_ptrace(struct task_struct *child, long request,
> unsigned long addr, unsigned long data)
> {
> - ptrace_area parea;
> + ptrace_area parea;
> int copied, ret;
>
> switch (request) {
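
Review bot: the one changed line in this hunk, "ptrace_area parea;" in arch_ptrace(), reads the same on its - and + sides, so the difference is whitespace only and is unrelated to removing the struct seccomp_data argument from secure_computing(). Drop it from this patch, or send it as a separate whitespace cleanup for arch/s390/kernel/ptrace.c, so the seccomp change carries only the lines it needs.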

If this were whitespace cleanup in kernel/seccomp.c, I'd take it without
flinching. As this is only tangentially related and in an arch
directory, I've dropped this hunk out of a cowardly fear of causing
(a likely very unlikely) merge conflict.

I'd rather we globally clean up trailing whitespace at the end of -rc1
and ask Linus to run some crazy script. :)

So, with that hunk removed, I've applied this to for-next/seccomp. :)

Thanks!

--
Kees Cook