Re: [PATCH v2] seccomp: passthrough uretprobe systemcall without filtering

From: Oleg Nesterov
Date: Tue Jan 28 2025 - 10:45:22 EST

Next message: Rob Herring: "Re: [PATCH v5 1/4] dt-bindings: net: Add FSD EQoS device tree bindings"
Previous message: Vlastimil Babka: "Re: [PATCH 2/5] mm: further refactor commit_merge()"
In reply to: Eyal Birger: "[PATCH v2] seccomp: passthrough uretprobe systemcall without filtering"
Next in thread: Oleg Nesterov: "Re: [PATCH v2] seccomp: passthrough uretprobe systemcall without filtering"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

can't review, I know nothing about seccomp_cache, but

On 01/28, Eyal Birger wrote:
>
> +static bool seccomp_is_const_allow(struct sock_fprog_kern *fprog,
> + struct seccomp_data *sd)
> +{
> +#ifdef __NR_uretprobe
> + if (sd->nr == __NR_uretprobe
> +#ifdef SECCOMP_ARCH_COMPAT
> + && sd->arch != SECCOMP_ARCH_COMPAT
> +#endif

it seems you can check

&& sd->arch == SECCOMP_ARCH_NATIVE

and avoid #ifdef SECCOMP_ARCH_COMPAT

Oleg.

Next message: Rob Herring: "Re: [PATCH v5 1/4] dt-bindings: net: Add FSD EQoS device tree bindings"
Previous message: Vlastimil Babka: "Re: [PATCH 2/5] mm: further refactor commit_merge()"
In reply to: Eyal Birger: "[PATCH v2] seccomp: passthrough uretprobe systemcall without filtering"
Next in thread: Oleg Nesterov: "Re: [PATCH v2] seccomp: passthrough uretprobe systemcall without filtering"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]