From: Kees Cook <keescook@chromium.org>
To: Christian Brauner <christian.brauner@ubuntu.com>
Cc: linux-kernel@vger.kernel.org, luto@amacapital.net
Subject: Re: [PATCH] seccomp: rework define for SECCOMP_USER_NOTIF_FLAG_CONTINUE
Date: Mon, 28 Oct 2019 12:27:40 -0700 [thread overview]
Message-ID: <201910281227.5A580CD@keescook> (raw)
In-Reply-To: <20191024212539.4059-1-christian.brauner@ubuntu.com>
On Thu, Oct 24, 2019 at 11:25:39PM +0200, Christian Brauner wrote:
> Switch from BIT(0) to (1UL << 0).
> First, there are already two different forms used in the header, so there's
> no need to add a third. Second, the BIT() macros is kernel internal and
> afaict not actually exposed to userspace. Maybe there's some magic there
> I'm missing but it definitely causes issues when compiling a program that
> tries to use SECCOMP_USER_NOTIF_FLAG_CONTINUE. It currently fails in the
> following way:
>
> # github.com/lxc/lxd/lxd
> /usr/bin/ld: $WORK/b001/_x003.o: in function
> `__do_user_notification_continue':
> lxd/main_checkfeature.go:240: undefined reference to `BIT'
> collect2: error: ld returned 1 exit status
>
> Switching to (1UL << 0) should prevent that and is more in line what is
> already done in the rest of the header.
Hmpf. I thought those were already exported into the UAPI. Ah well.
Thanks! Applied.
-Kees
>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Andy Lutomirski <luto@amacapital.net>
> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
> ---
> include/uapi/linux/seccomp.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/uapi/linux/seccomp.h b/include/uapi/linux/seccomp.h
> index 61fbbb7c1ee9..9099972200cd 100644
> --- a/include/uapi/linux/seccomp.h
> +++ b/include/uapi/linux/seccomp.h
> @@ -102,7 +102,7 @@ struct seccomp_notif {
> * SECCOMP_USER_NOTIF_FLAG_CONTINUE. Note that SECCOMP_RET_USER_NOTIF can
> * equally be overriden by SECCOMP_USER_NOTIF_FLAG_CONTINUE.
> */
> -#define SECCOMP_USER_NOTIF_FLAG_CONTINUE BIT(0)
> +#define SECCOMP_USER_NOTIF_FLAG_CONTINUE (1UL << 0)
>
> struct seccomp_notif_resp {
> __u64 id;
> --
> 2.23.0
>
--
Kees Cook
prev parent reply other threads:[~2019-10-28 19:27 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-24 21:25 [PATCH] seccomp: rework define for SECCOMP_USER_NOTIF_FLAG_CONTINUE Christian Brauner
2019-10-28 19:27 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201910281227.5A580CD@keescook \
--to=keescook@chromium.org \
--cc=christian.brauner@ubuntu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.