From: Thomas Gleixner <tglx@kernel.org>
To: LKML <linux-kernel@vger.kernel.org>
Cc: "Peter Zijlstra" <peterz@infradead.org>,
"Mark Rutland" <mark.rutland@arm.com>,
"Jinjie Ruan" <ruanjinjie@huawei.com>,
"Kees Cook" <kees@kernel.org>,
"Andy Lutomirski" <luto@kernel.org>,
"Oleg Nesterov" <oleg@redhat.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Russell King" <linux@armlinux.org.uk>,
"Catalin Marinas" <catalin.marinas@arm.com>,
"Guo Ren" <guoren@kernel.org>,
"Geert Uytterhoeven" <geert@linux-m68k.org>,
"Thomas Bogendoerfer" <tsbogend@alpha.franken.de>,
"Helge Deller" <deller@gmx.de>,
"Yoshinori Sato" <ysato@users.sourceforge.jp>,
"Richard Weinberger" <richard@nod.at>,
"Chris Zankel" <chris@zankel.net>,
linux-arm-kernel@lists.infradead.org,
linux-alpha@vger.kernel.org, linux-csky@vger.kernel.org,
linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org,
linux-parisc@vger.kernel.org, linux-sh@vger.kernel.org,
linux-um@lists.infradead.org,
"Michael Ellerman" <mpe@ellerman.id.au>,
"Shrikanth Hegde" <sshegde@linux.ibm.com>,
linuxppc-dev@lists.ozlabs.org,
"Huacai Chen" <chenhuacai@kernel.org>,
loongarch@lists.linux.dev, "Paul Walmsley" <pjw@kernel.org>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
linux-riscv@lists.infradead.org,
"Sven Schnelle" <svens@linux.ibm.com>,
linux-s390@vger.kernel.org, x86@kernel.org,
"Arnd Bergmann" <arnd@arndb.de>,
"Vineet Gupta" <vgupta@kernel.org>,
"Will Deacon" <will@kernel.org>, "Brian Cain" <bcain@kernel.org>,
"Michal Simek" <monstr@monstr.eu>,
"Dinh Nguyen" <dinguyen@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
"Andreas Larsson" <andreas@gaisler.com>,
linux-snps-arc@lists.infradead.org,
linux-hexagon@vger.kernel.org, linux-openrisc@vger.kernel.org,
sparclinux@vger.kernel.org, linux-arch@vger.kernel.org,
"Michal Suchánek" <msuchanek@suse.de>,
"Jonathan Corbet" <corbet@lwn.net>,
linux-doc@vger.kernel.org
Subject: [patch 11/18] seccomp, treewide: Rename and convert __secure_computing() to return boolean
Date: Tue, 07 Jul 2026 21:06:40 +0200 [thread overview]
Message-ID: <20260707190254.230735780@kernel.org> (raw)
In-Reply-To: 20260707181957.433213175@kernel.org
From: Jinjie Ruan <ruanjinjie@huawei.com>
The return value of __secure_computing() currently uses 0 to indicate
that a system call should be allowed, and -1 to indicate that it should
be blocked/killed. This 0/-1 pattern is non-intuitive for a security
check function and makes the control flow at the call sites less readable.
Furthermore, any potential future changes to these return values would
require a high-risk, error-prone audit of all its users across different
architectures.
Sanitize this logic by converting the return type of __secure_computing()
to a proper boolean, where 'true' explicitly means 'allow' and 'false'
means 'fail/deny'.
Update all the two dozen or so call sites across the tree to align with
this new boolean semantic. No functional changes are intended, as the
callers still return -1 to the lower-level assembly entry code upon
seccomp denial.
Rename the function to __seccomp_permit_syscall() so that the purpose is
entirely clear.
[ tglx: Rename the function ]
Suggested-by: Thomas Gleixner <tglx@kernel.org>
Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
Signed-off-by: Thomas Gleixner <tglx@kernel.org>
Cc: Kees Cook <kees@kernel.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Guo Ren <guoren@kernel.org>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: Helge Deller <deller@gmx.de>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Cc: Richard Weinberger <richard@nod.at>
Cc: Chris Zankel <chris@zankel.net>
Cc: linux-arm-kernel@lists.infradead.org
Cc: linux-alpha@vger.kernel.org
Cc: linux-csky@vger.kernel.org
Cc: linux-m68k@lists.linux-m68k.org
Cc: linux-mips@vger.kernel.org
Cc: linux-parisc@vger.kernel.org
Cc: linux-sh@vger.kernel.org
Cc: linux-um@lists.infradead.org
---
arch/alpha/kernel/ptrace.c | 2 -
arch/arm/kernel/ptrace.c | 2 -
arch/arm64/kernel/ptrace.c | 2 -
arch/csky/kernel/ptrace.c | 2 -
arch/m68k/kernel/ptrace.c | 2 -
arch/mips/kernel/ptrace.c | 2 -
arch/parisc/kernel/ptrace.c | 2 -
arch/sh/kernel/ptrace_32.c | 2 -
arch/um/kernel/skas/syscall.c | 2 -
arch/x86/entry/vsyscall/vsyscall_64.c | 14 ++++++-------
arch/xtensa/kernel/ptrace.c | 3 --
include/linux/entry-common.h | 9 +++-----
include/linux/seccomp.h | 12 +++++------
kernel/seccomp.c | 35 +++++++++++++++++-----------------
14 files changed, 45 insertions(+), 46 deletions(-)
--- a/arch/alpha/kernel/ptrace.c
+++ b/arch/alpha/kernel/ptrace.c
@@ -387,7 +387,7 @@ asmlinkage unsigned long syscall_trace_e
* If this fails, seccomp may already have set up the return value
* (e.g. SECCOMP_RET_ERRNO / TRACE).
*/
- if (secure_computing() == -1) {
+ if (!seccomp_permit_syscall()) {
if (regs->r19 == 0 && regs->r0 == (unsigned long)-1)
syscall_set_return_value(current, regs, -ENOSYS, 0);
syscall_set_nr(current, regs, -1);
--- a/arch/arm/kernel/ptrace.c
+++ b/arch/arm/kernel/ptrace.c
@@ -855,7 +855,7 @@ asmlinkage int syscall_trace_enter(struc
/* Do seccomp after ptrace; syscall may have changed. */
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
#else
/* XXX: remove this once OABI gets fixed */
--- a/arch/arm64/kernel/ptrace.c
+++ b/arch/arm64/kernel/ptrace.c
@@ -2420,7 +2420,7 @@ int syscall_trace_enter(struct pt_regs *
}
/* Do the secure computing after ptrace; failures should be fast. */
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return NO_SYSCALL;
if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
--- a/arch/csky/kernel/ptrace.c
+++ b/arch/csky/kernel/ptrace.c
@@ -323,7 +323,7 @@ asmlinkage int syscall_trace_enter(struc
if (ptrace_report_syscall_entry(regs))
return -1;
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
--- a/arch/m68k/kernel/ptrace.c
+++ b/arch/m68k/kernel/ptrace.c
@@ -281,7 +281,7 @@ asmlinkage int syscall_trace_enter(void)
if (test_thread_flag(TIF_SYSCALL_TRACE))
ret = ptrace_report_syscall_entry(task_pt_regs(current));
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
return ret;
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@ -1328,7 +1328,7 @@ asmlinkage long syscall_trace_enter(stru
return -1;
}
- if (secure_computing())
+ if (!seccomp_permit_syscall())
return -1;
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
--- a/arch/parisc/kernel/ptrace.c
+++ b/arch/parisc/kernel/ptrace.c
@@ -351,7 +351,7 @@ long do_syscall_trace_enter(struct pt_re
}
/* Do the secure computing check after ptrace. */
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
#ifdef CONFIG_HAVE_SYSCALL_TRACEPOINTS
--- a/arch/sh/kernel/ptrace_32.c
+++ b/arch/sh/kernel/ptrace_32.c
@@ -460,7 +460,7 @@ asmlinkage long do_syscall_trace_enter(s
return -1;
}
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
--- a/arch/um/kernel/skas/syscall.c
+++ b/arch/um/kernel/skas/syscall.c
@@ -27,7 +27,7 @@ void handle_syscall(struct uml_pt_regs *
goto out;
/* Do the seccomp check after ptrace; failures should be fast. */
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
goto out;
syscall = UPT_SYSCALL_NR(r);
--- a/arch/x86/entry/vsyscall/vsyscall_64.c
+++ b/arch/x86/entry/vsyscall/vsyscall_64.c
@@ -118,10 +118,10 @@ static bool write_ok_or_segv(unsigned lo
static bool __emulate_vsyscall(struct pt_regs *regs, unsigned long address)
{
- unsigned long caller;
- int vsyscall_nr, syscall_nr, tmp;
+ unsigned long caller, orig_dx;
+ int vsyscall_nr, syscall_nr;
+ bool skip;
long ret;
- unsigned long orig_dx;
/* Confirm that the fault happened in 64-bit user mode */
if (!user_64bit_mode(regs))
@@ -197,16 +197,16 @@ static bool __emulate_vsyscall(struct pt
*/
regs->orig_ax = syscall_nr;
regs->ax = -ENOSYS;
- tmp = secure_computing();
- if ((!tmp && regs->orig_ax != syscall_nr) || regs->ip != address) {
+ skip = !seccomp_permit_syscall();
+ if ((!skip && regs->orig_ax != syscall_nr) || regs->ip != address) {
warn_bad_vsyscall(KERN_DEBUG, regs,
"seccomp tried to change syscall nr or ip");
force_exit_sig(SIGSYS);
return true;
}
regs->orig_ax = -1;
- if (tmp)
- goto do_ret; /* skip requested */
+ if (skip)
+ goto do_ret;
/*
* With a real vsyscall, page faults cause SIGSEGV.
--- a/arch/xtensa/kernel/ptrace.c
+++ b/arch/xtensa/kernel/ptrace.c
@@ -553,8 +553,7 @@ int do_syscall_trace_enter(struct pt_reg
return 0;
}
- if (regs->syscall == NO_SYSCALL ||
- secure_computing() == -1) {
+ if (regs->syscall == NO_SYSCALL || !seccomp_permit_syscall()) {
do_syscall_trace_leave(regs);
return 0;
}
--- a/include/linux/entry-common.h
+++ b/include/linux/entry-common.h
@@ -102,9 +102,8 @@ static __always_inline long syscall_trac
/* Do seccomp after ptrace, to catch any tracer changes. */
if (work & SYSCALL_WORK_SECCOMP) {
- ret = __secure_computing();
- if (ret == -1L)
- return ret;
+ if (!__seccomp_permit_syscall())
+ return -1L;
}
/* Either of the above might have changed the syscall number */
@@ -115,7 +114,7 @@ static __always_inline long syscall_trac
syscall_enter_audit(regs, syscall);
- return ret ? : syscall;
+ return syscall;
}
/**
@@ -138,7 +137,7 @@ static __always_inline long syscall_trac
* It handles the following work items:
*
* 1) syscall_work flag dependent invocations of
- * ptrace_report_syscall_entry(), __secure_computing(), trace_sys_enter()
+ * ptrace_report_syscall_entry(), __seccomp_permit_syscall(), trace_sys_enter()
* 2) Invocation of audit_syscall_entry()
*/
static __always_inline long syscall_enter_from_user_mode_work(struct pt_regs *regs, long syscall)
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -22,14 +22,14 @@
#include <linux/atomic.h>
#include <asm/seccomp.h>
-extern int __secure_computing(void);
+extern bool __seccomp_permit_syscall(void);
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
-static inline int secure_computing(void)
+static __always_inline bool seccomp_permit_syscall(void)
{
if (unlikely(test_syscall_work(SECCOMP)))
- return __secure_computing();
- return 0;
+ return __seccomp_permit_syscall();
+ return true;
}
#else
extern void secure_computing_strict(int this_syscall);
@@ -50,11 +50,11 @@ static inline int seccomp_mode(struct se
struct seccomp_data;
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
-static inline int secure_computing(void) { return 0; }
+static inline bool seccomp_permit_syscall(void) { return true; }
#else
static inline void secure_computing_strict(int this_syscall) { return; }
#endif
-static inline int __secure_computing(void) { return 0; }
+static inline bool __seccomp_permit_syscall(void) { return true; }
static inline long prctl_get_seccomp(void)
{
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -1100,12 +1100,13 @@ void secure_computing_strict(int this_sy
else
BUG();
}
-int __secure_computing(void)
+
+bool __seccomp_permit_syscall(void)
{
int this_syscall = syscall_get_nr(current, current_pt_regs());
secure_computing_strict(this_syscall);
- return 0;
+ return true;
}
#else
@@ -1256,7 +1257,7 @@ static int seccomp_do_user_notification(
return -1;
}
-static int __seccomp_filter(int this_syscall, const bool recheck_after_trace)
+static bool __seccomp_filter(int this_syscall, const bool recheck_after_trace)
{
u32 filter_ret, action;
struct seccomp_data sd;
@@ -1294,7 +1295,7 @@ static int __seccomp_filter(int this_sys
case SECCOMP_RET_TRACE:
/* We've been put in this state by the ptracer already. */
if (recheck_after_trace)
- return 0;
+ return true;
/* ENOSYS these calls if there is no tracer attached. */
if (!ptrace_event_enabled(current, PTRACE_EVENT_SECCOMP)) {
@@ -1330,19 +1331,19 @@ static int __seccomp_filter(int this_sys
* a skip would have already been reported.
*/
if (__seccomp_filter(this_syscall, true))
- return -1;
+ return false;
- return 0;
+ return true;
case SECCOMP_RET_USER_NOTIF:
if (seccomp_do_user_notification(this_syscall, match, &sd))
goto skip;
- return 0;
+ return true;
case SECCOMP_RET_LOG:
seccomp_log(this_syscall, 0, action, true);
- return 0;
+ return true;
case SECCOMP_RET_ALLOW:
/*
@@ -1350,7 +1351,7 @@ static int __seccomp_filter(int this_sys
* this action since SECCOMP_RET_ALLOW is the starting
* state in seccomp_run_filters().
*/
- return 0;
+ return true;
case SECCOMP_RET_KILL_THREAD:
case SECCOMP_RET_KILL_PROCESS:
@@ -1367,46 +1368,46 @@ static int __seccomp_filter(int this_sys
} else {
do_exit(SIGSYS);
}
- return -1; /* skip the syscall go directly to signal handling */
+ return false; /* skip the syscall go directly to signal handling */
}
unreachable();
skip:
seccomp_log(this_syscall, 0, action, match ? match->log : false);
- return -1;
+ return false;
}
#else
-static int __seccomp_filter(int this_syscall, const bool recheck_after_trace)
+static bool __seccomp_filter(int this_syscall, const bool recheck_after_trace)
{
BUG();
- return -1;
+ return false;
}
#endif
-int __secure_computing(void)
+bool __seccomp_permit_syscall(void)
{
int mode = current->seccomp.mode;
int this_syscall;
if (IS_ENABLED(CONFIG_CHECKPOINT_RESTORE) &&
unlikely(current->ptrace & PT_SUSPEND_SECCOMP))
- return 0;
+ return true;
this_syscall = syscall_get_nr(current, current_pt_regs());
switch (mode) {
case SECCOMP_MODE_STRICT:
__secure_computing_strict(this_syscall); /* may call do_exit */
- return 0;
+ return true;
case SECCOMP_MODE_FILTER:
return __seccomp_filter(this_syscall, false);
/* Surviving SECCOMP_RET_KILL_* must be proactively impossible. */
case SECCOMP_MODE_DEAD:
WARN_ON_ONCE(1);
do_exit(SIGKILL);
- return -1;
+ return false;
default:
BUG();
}
WARNING: multiple messages have this Message-ID (diff)
From: Thomas Gleixner <tglx@kernel.org>
To: LKML <linux-kernel@vger.kernel.org>
Cc: "Peter Zijlstra" <peterz@infradead.org>,
"Mark Rutland" <mark.rutland@arm.com>,
"Jinjie Ruan" <ruanjinjie@huawei.com>,
"Kees Cook" <kees@kernel.org>,
"Andy Lutomirski" <luto@kernel.org>,
"Oleg Nesterov" <oleg@redhat.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Russell King" <linux@armlinux.org.uk>,
"Catalin Marinas" <catalin.marinas@arm.com>,
"Guo Ren" <guoren@kernel.org>,
"Geert Uytterhoeven" <geert@linux-m68k.org>,
"Thomas Bogendoerfer" <tsbogend@alpha.franken.de>,
"Helge Deller" <deller@gmx.de>,
"Yoshinori Sato" <ysato@users.sourceforge.jp>,
"Richard Weinberger" <richard@nod.at>,
"Chris Zankel" <chris@zankel.net>,
linux-arm-kernel@lists.infradead.org,
linux-alpha@vger.kernel.org, linux-csky@vger.kernel.org,
linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org,
linux-parisc@vger.kernel.org, linux-sh@vger.kernel.org,
linux-um@lists.infradead.org,
"Michael Ellerman" <mpe@ellerman.id.au>,
"Shrikanth Hegde" <sshegde@linux.ibm.com>,
linuxppc-dev@lists.ozlabs.org,
"Huacai Chen" <chenhuacai@kernel.org>,
loongarch@lists.linux.dev, "Paul Walmsley" <pjw@kernel.org>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
linux-riscv@lists.infradead.org,
"Sven Schnelle" <svens@linux.ibm.com>,
linux-s390@vger.kernel.org, x86@kernel.org,
"Arnd Bergmann" <arnd@arndb.de>,
"Vineet Gupta" <vgupta@kernel.org>,
"Will Deacon" <will@kernel.org>, "Brian Cain" <bcain@kernel.org>,
"Michal Simek" <monstr@monstr.eu>,
"Dinh Nguyen" <dinguyen@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
"Andreas Larsson" <andreas@gaisler.com>,
linux-snps-arc@lists.infradead.org,
linux-hexagon@vger.kernel.org, linux-openrisc@vger.kernel.org,
sparclinux@vger.kernel.org, linux-arch@vger.kernel.org,
"Michal Suchánek" <msuchanek@suse.de>,
"Jonathan Corbet" <corbet@lwn.net>,
linux-doc@vger.kernel.org
Subject: [patch 11/18] seccomp, treewide: Rename and convert __secure_computing() to return boolean
Date: Tue, 07 Jul 2026 21:06:40 +0200 [thread overview]
Message-ID: <20260707190254.230735780@kernel.org> (raw)
In-Reply-To: 20260707181957.433213175@kernel.org
From: Jinjie Ruan <ruanjinjie@huawei.com>
The return value of __secure_computing() currently uses 0 to indicate
that a system call should be allowed, and -1 to indicate that it should
be blocked/killed. This 0/-1 pattern is non-intuitive for a security
check function and makes the control flow at the call sites less readable.
Furthermore, any potential future changes to these return values would
require a high-risk, error-prone audit of all its users across different
architectures.
Sanitize this logic by converting the return type of __secure_computing()
to a proper boolean, where 'true' explicitly means 'allow' and 'false'
means 'fail/deny'.
Update all the two dozen or so call sites across the tree to align with
this new boolean semantic. No functional changes are intended, as the
callers still return -1 to the lower-level assembly entry code upon
seccomp denial.
Rename the function to __seccomp_permit_syscall() so that the purpose is
entirely clear.
[ tglx: Rename the function ]
Suggested-by: Thomas Gleixner <tglx@kernel.org>
Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
Signed-off-by: Thomas Gleixner <tglx@kernel.org>
Cc: Kees Cook <kees@kernel.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Guo Ren <guoren@kernel.org>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: Helge Deller <deller@gmx.de>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Cc: Richard Weinberger <richard@nod.at>
Cc: Chris Zankel <chris@zankel.net>
Cc: linux-arm-kernel@lists.infradead.org
Cc: linux-alpha@vger.kernel.org
Cc: linux-csky@vger.kernel.org
Cc: linux-m68k@lists.linux-m68k.org
Cc: linux-mips@vger.kernel.org
Cc: linux-parisc@vger.kernel.org
Cc: linux-sh@vger.kernel.org
Cc: linux-um@lists.infradead.org
---
arch/alpha/kernel/ptrace.c | 2 -
arch/arm/kernel/ptrace.c | 2 -
arch/arm64/kernel/ptrace.c | 2 -
arch/csky/kernel/ptrace.c | 2 -
arch/m68k/kernel/ptrace.c | 2 -
arch/mips/kernel/ptrace.c | 2 -
arch/parisc/kernel/ptrace.c | 2 -
arch/sh/kernel/ptrace_32.c | 2 -
arch/um/kernel/skas/syscall.c | 2 -
arch/x86/entry/vsyscall/vsyscall_64.c | 14 ++++++-------
arch/xtensa/kernel/ptrace.c | 3 --
include/linux/entry-common.h | 9 +++-----
include/linux/seccomp.h | 12 +++++------
kernel/seccomp.c | 35 +++++++++++++++++-----------------
14 files changed, 45 insertions(+), 46 deletions(-)
--- a/arch/alpha/kernel/ptrace.c
+++ b/arch/alpha/kernel/ptrace.c
@@ -387,7 +387,7 @@ asmlinkage unsigned long syscall_trace_e
* If this fails, seccomp may already have set up the return value
* (e.g. SECCOMP_RET_ERRNO / TRACE).
*/
- if (secure_computing() == -1) {
+ if (!seccomp_permit_syscall()) {
if (regs->r19 == 0 && regs->r0 == (unsigned long)-1)
syscall_set_return_value(current, regs, -ENOSYS, 0);
syscall_set_nr(current, regs, -1);
--- a/arch/arm/kernel/ptrace.c
+++ b/arch/arm/kernel/ptrace.c
@@ -855,7 +855,7 @@ asmlinkage int syscall_trace_enter(struc
/* Do seccomp after ptrace; syscall may have changed. */
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
#else
/* XXX: remove this once OABI gets fixed */
--- a/arch/arm64/kernel/ptrace.c
+++ b/arch/arm64/kernel/ptrace.c
@@ -2420,7 +2420,7 @@ int syscall_trace_enter(struct pt_regs *
}
/* Do the secure computing after ptrace; failures should be fast. */
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return NO_SYSCALL;
if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
--- a/arch/csky/kernel/ptrace.c
+++ b/arch/csky/kernel/ptrace.c
@@ -323,7 +323,7 @@ asmlinkage int syscall_trace_enter(struc
if (ptrace_report_syscall_entry(regs))
return -1;
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
--- a/arch/m68k/kernel/ptrace.c
+++ b/arch/m68k/kernel/ptrace.c
@@ -281,7 +281,7 @@ asmlinkage int syscall_trace_enter(void)
if (test_thread_flag(TIF_SYSCALL_TRACE))
ret = ptrace_report_syscall_entry(task_pt_regs(current));
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
return ret;
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@ -1328,7 +1328,7 @@ asmlinkage long syscall_trace_enter(stru
return -1;
}
- if (secure_computing())
+ if (!seccomp_permit_syscall())
return -1;
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
--- a/arch/parisc/kernel/ptrace.c
+++ b/arch/parisc/kernel/ptrace.c
@@ -351,7 +351,7 @@ long do_syscall_trace_enter(struct pt_re
}
/* Do the secure computing check after ptrace. */
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
#ifdef CONFIG_HAVE_SYSCALL_TRACEPOINTS
--- a/arch/sh/kernel/ptrace_32.c
+++ b/arch/sh/kernel/ptrace_32.c
@@ -460,7 +460,7 @@ asmlinkage long do_syscall_trace_enter(s
return -1;
}
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
--- a/arch/um/kernel/skas/syscall.c
+++ b/arch/um/kernel/skas/syscall.c
@@ -27,7 +27,7 @@ void handle_syscall(struct uml_pt_regs *
goto out;
/* Do the seccomp check after ptrace; failures should be fast. */
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
goto out;
syscall = UPT_SYSCALL_NR(r);
--- a/arch/x86/entry/vsyscall/vsyscall_64.c
+++ b/arch/x86/entry/vsyscall/vsyscall_64.c
@@ -118,10 +118,10 @@ static bool write_ok_or_segv(unsigned lo
static bool __emulate_vsyscall(struct pt_regs *regs, unsigned long address)
{
- unsigned long caller;
- int vsyscall_nr, syscall_nr, tmp;
+ unsigned long caller, orig_dx;
+ int vsyscall_nr, syscall_nr;
+ bool skip;
long ret;
- unsigned long orig_dx;
/* Confirm that the fault happened in 64-bit user mode */
if (!user_64bit_mode(regs))
@@ -197,16 +197,16 @@ static bool __emulate_vsyscall(struct pt
*/
regs->orig_ax = syscall_nr;
regs->ax = -ENOSYS;
- tmp = secure_computing();
- if ((!tmp && regs->orig_ax != syscall_nr) || regs->ip != address) {
+ skip = !seccomp_permit_syscall();
+ if ((!skip && regs->orig_ax != syscall_nr) || regs->ip != address) {
warn_bad_vsyscall(KERN_DEBUG, regs,
"seccomp tried to change syscall nr or ip");
force_exit_sig(SIGSYS);
return true;
}
regs->orig_ax = -1;
- if (tmp)
- goto do_ret; /* skip requested */
+ if (skip)
+ goto do_ret;
/*
* With a real vsyscall, page faults cause SIGSEGV.
--- a/arch/xtensa/kernel/ptrace.c
+++ b/arch/xtensa/kernel/ptrace.c
@@ -553,8 +553,7 @@ int do_syscall_trace_enter(struct pt_reg
return 0;
}
- if (regs->syscall == NO_SYSCALL ||
- secure_computing() == -1) {
+ if (regs->syscall == NO_SYSCALL || !seccomp_permit_syscall()) {
do_syscall_trace_leave(regs);
return 0;
}
--- a/include/linux/entry-common.h
+++ b/include/linux/entry-common.h
@@ -102,9 +102,8 @@ static __always_inline long syscall_trac
/* Do seccomp after ptrace, to catch any tracer changes. */
if (work & SYSCALL_WORK_SECCOMP) {
- ret = __secure_computing();
- if (ret == -1L)
- return ret;
+ if (!__seccomp_permit_syscall())
+ return -1L;
}
/* Either of the above might have changed the syscall number */
@@ -115,7 +114,7 @@ static __always_inline long syscall_trac
syscall_enter_audit(regs, syscall);
- return ret ? : syscall;
+ return syscall;
}
/**
@@ -138,7 +137,7 @@ static __always_inline long syscall_trac
* It handles the following work items:
*
* 1) syscall_work flag dependent invocations of
- * ptrace_report_syscall_entry(), __secure_computing(), trace_sys_enter()
+ * ptrace_report_syscall_entry(), __seccomp_permit_syscall(), trace_sys_enter()
* 2) Invocation of audit_syscall_entry()
*/
static __always_inline long syscall_enter_from_user_mode_work(struct pt_regs *regs, long syscall)
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -22,14 +22,14 @@
#include <linux/atomic.h>
#include <asm/seccomp.h>
-extern int __secure_computing(void);
+extern bool __seccomp_permit_syscall(void);
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
-static inline int secure_computing(void)
+static __always_inline bool seccomp_permit_syscall(void)
{
if (unlikely(test_syscall_work(SECCOMP)))
- return __secure_computing();
- return 0;
+ return __seccomp_permit_syscall();
+ return true;
}
#else
extern void secure_computing_strict(int this_syscall);
@@ -50,11 +50,11 @@ static inline int seccomp_mode(struct se
struct seccomp_data;
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
-static inline int secure_computing(void) { return 0; }
+static inline bool seccomp_permit_syscall(void) { return true; }
#else
static inline void secure_computing_strict(int this_syscall) { return; }
#endif
-static inline int __secure_computing(void) { return 0; }
+static inline bool __seccomp_permit_syscall(void) { return true; }
static inline long prctl_get_seccomp(void)
{
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -1100,12 +1100,13 @@ void secure_computing_strict(int this_sy
else
BUG();
}
-int __secure_computing(void)
+
+bool __seccomp_permit_syscall(void)
{
int this_syscall = syscall_get_nr(current, current_pt_regs());
secure_computing_strict(this_syscall);
- return 0;
+ return true;
}
#else
@@ -1256,7 +1257,7 @@ static int seccomp_do_user_notification(
return -1;
}
-static int __seccomp_filter(int this_syscall, const bool recheck_after_trace)
+static bool __seccomp_filter(int this_syscall, const bool recheck_after_trace)
{
u32 filter_ret, action;
struct seccomp_data sd;
@@ -1294,7 +1295,7 @@ static int __seccomp_filter(int this_sys
case SECCOMP_RET_TRACE:
/* We've been put in this state by the ptracer already. */
if (recheck_after_trace)
- return 0;
+ return true;
/* ENOSYS these calls if there is no tracer attached. */
if (!ptrace_event_enabled(current, PTRACE_EVENT_SECCOMP)) {
@@ -1330,19 +1331,19 @@ static int __seccomp_filter(int this_sys
* a skip would have already been reported.
*/
if (__seccomp_filter(this_syscall, true))
- return -1;
+ return false;
- return 0;
+ return true;
case SECCOMP_RET_USER_NOTIF:
if (seccomp_do_user_notification(this_syscall, match, &sd))
goto skip;
- return 0;
+ return true;
case SECCOMP_RET_LOG:
seccomp_log(this_syscall, 0, action, true);
- return 0;
+ return true;
case SECCOMP_RET_ALLOW:
/*
@@ -1350,7 +1351,7 @@ static int __seccomp_filter(int this_sys
* this action since SECCOMP_RET_ALLOW is the starting
* state in seccomp_run_filters().
*/
- return 0;
+ return true;
case SECCOMP_RET_KILL_THREAD:
case SECCOMP_RET_KILL_PROCESS:
@@ -1367,46 +1368,46 @@ static int __seccomp_filter(int this_sys
} else {
do_exit(SIGSYS);
}
- return -1; /* skip the syscall go directly to signal handling */
+ return false; /* skip the syscall go directly to signal handling */
}
unreachable();
skip:
seccomp_log(this_syscall, 0, action, match ? match->log : false);
- return -1;
+ return false;
}
#else
-static int __seccomp_filter(int this_syscall, const bool recheck_after_trace)
+static bool __seccomp_filter(int this_syscall, const bool recheck_after_trace)
{
BUG();
- return -1;
+ return false;
}
#endif
-int __secure_computing(void)
+bool __seccomp_permit_syscall(void)
{
int mode = current->seccomp.mode;
int this_syscall;
if (IS_ENABLED(CONFIG_CHECKPOINT_RESTORE) &&
unlikely(current->ptrace & PT_SUSPEND_SECCOMP))
- return 0;
+ return true;
this_syscall = syscall_get_nr(current, current_pt_regs());
switch (mode) {
case SECCOMP_MODE_STRICT:
__secure_computing_strict(this_syscall); /* may call do_exit */
- return 0;
+ return true;
case SECCOMP_MODE_FILTER:
return __seccomp_filter(this_syscall, false);
/* Surviving SECCOMP_RET_KILL_* must be proactively impossible. */
case SECCOMP_MODE_DEAD:
WARN_ON_ONCE(1);
do_exit(SIGKILL);
- return -1;
+ return false;
default:
BUG();
}
_______________________________________________
linux-snps-arc mailing list
linux-snps-arc@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-snps-arc
WARNING: multiple messages have this Message-ID (diff)
From: Thomas Gleixner <tglx@kernel.org>
To: LKML <linux-kernel@vger.kernel.org>
Cc: "Peter Zijlstra" <peterz@infradead.org>,
"Mark Rutland" <mark.rutland@arm.com>,
"Jinjie Ruan" <ruanjinjie@huawei.com>,
"Kees Cook" <kees@kernel.org>,
"Andy Lutomirski" <luto@kernel.org>,
"Oleg Nesterov" <oleg@redhat.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Russell King" <linux@armlinux.org.uk>,
"Catalin Marinas" <catalin.marinas@arm.com>,
"Guo Ren" <guoren@kernel.org>,
"Geert Uytterhoeven" <geert@linux-m68k.org>,
"Thomas Bogendoerfer" <tsbogend@alpha.franken.de>,
"Helge Deller" <deller@gmx.de>,
"Yoshinori Sato" <ysato@users.sourceforge.jp>,
"Richard Weinberger" <richard@nod.at>,
"Chris Zankel" <chris@zankel.net>,
linux-arm-kernel@lists.infradead.org,
linux-alpha@vger.kernel.org, linux-csky@vger.kernel.org,
linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org,
linux-parisc@vger.kernel.org, linux-sh@vger.kernel.org,
linux-um@lists.infradead.org,
"Michael Ellerman" <mpe@ellerman.id.au>,
"Shrikanth Hegde" <sshegde@linux.ibm.com>,
linuxppc-dev@lists.ozlabs.org,
"Huacai Chen" <chenhuacai@kernel.org>,
loongarch@lists.linux.dev, "Paul Walmsley" <pjw@kernel.org>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
linux-riscv@lists.infradead.org,
"Sven Schnelle" <svens@linux.ibm.com>,
linux-s390@vger.kernel.org, x86@kernel.org,
"Arnd Bergmann" <arnd@arndb.de>,
"Vineet Gupta" <vgupta@kernel.org>,
"Will Deacon" <will@kernel.org>, "Brian Cain" <bcain@kernel.org>,
"Michal Simek" <monstr@monstr.eu>,
"Dinh Nguyen" <dinguyen@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
"Andreas Larsson" <andreas@gaisler.com>,
linux-snps-arc@lists.infradead.org,
linux-hexagon@vger.kernel.org, linux-openrisc@vger.kernel.org,
sparclinux@vger.kernel.org, linux-arch@vger.kernel.org,
"Michal Suchánek" <msuchanek@suse.de>,
"Jonathan Corbet" <corbet@lwn.net>,
linux-doc@vger.kernel.org
Subject: [patch 11/18] seccomp, treewide: Rename and convert __secure_computing() to return boolean
Date: Tue, 07 Jul 2026 21:06:40 +0200 [thread overview]
Message-ID: <20260707190254.230735780@kernel.org> (raw)
In-Reply-To: 20260707181957.433213175@kernel.org
From: Jinjie Ruan <ruanjinjie@huawei.com>
The return value of __secure_computing() currently uses 0 to indicate
that a system call should be allowed, and -1 to indicate that it should
be blocked/killed. This 0/-1 pattern is non-intuitive for a security
check function and makes the control flow at the call sites less readable.
Furthermore, any potential future changes to these return values would
require a high-risk, error-prone audit of all its users across different
architectures.
Sanitize this logic by converting the return type of __secure_computing()
to a proper boolean, where 'true' explicitly means 'allow' and 'false'
means 'fail/deny'.
Update all the two dozen or so call sites across the tree to align with
this new boolean semantic. No functional changes are intended, as the
callers still return -1 to the lower-level assembly entry code upon
seccomp denial.
Rename the function to __seccomp_permit_syscall() so that the purpose is
entirely clear.
[ tglx: Rename the function ]
Suggested-by: Thomas Gleixner <tglx@kernel.org>
Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
Signed-off-by: Thomas Gleixner <tglx@kernel.org>
Cc: Kees Cook <kees@kernel.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Guo Ren <guoren@kernel.org>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Cc: Helge Deller <deller@gmx.de>
Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
Cc: Richard Weinberger <richard@nod.at>
Cc: Chris Zankel <chris@zankel.net>
Cc: linux-arm-kernel@lists.infradead.org
Cc: linux-alpha@vger.kernel.org
Cc: linux-csky@vger.kernel.org
Cc: linux-m68k@lists.linux-m68k.org
Cc: linux-mips@vger.kernel.org
Cc: linux-parisc@vger.kernel.org
Cc: linux-sh@vger.kernel.org
Cc: linux-um@lists.infradead.org
---
arch/alpha/kernel/ptrace.c | 2 -
arch/arm/kernel/ptrace.c | 2 -
arch/arm64/kernel/ptrace.c | 2 -
arch/csky/kernel/ptrace.c | 2 -
arch/m68k/kernel/ptrace.c | 2 -
arch/mips/kernel/ptrace.c | 2 -
arch/parisc/kernel/ptrace.c | 2 -
arch/sh/kernel/ptrace_32.c | 2 -
arch/um/kernel/skas/syscall.c | 2 -
arch/x86/entry/vsyscall/vsyscall_64.c | 14 ++++++-------
arch/xtensa/kernel/ptrace.c | 3 --
include/linux/entry-common.h | 9 +++-----
include/linux/seccomp.h | 12 +++++------
kernel/seccomp.c | 35 +++++++++++++++++-----------------
14 files changed, 45 insertions(+), 46 deletions(-)
--- a/arch/alpha/kernel/ptrace.c
+++ b/arch/alpha/kernel/ptrace.c
@@ -387,7 +387,7 @@ asmlinkage unsigned long syscall_trace_e
* If this fails, seccomp may already have set up the return value
* (e.g. SECCOMP_RET_ERRNO / TRACE).
*/
- if (secure_computing() == -1) {
+ if (!seccomp_permit_syscall()) {
if (regs->r19 == 0 && regs->r0 == (unsigned long)-1)
syscall_set_return_value(current, regs, -ENOSYS, 0);
syscall_set_nr(current, regs, -1);
--- a/arch/arm/kernel/ptrace.c
+++ b/arch/arm/kernel/ptrace.c
@@ -855,7 +855,7 @@ asmlinkage int syscall_trace_enter(struc
/* Do seccomp after ptrace; syscall may have changed. */
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
#else
/* XXX: remove this once OABI gets fixed */
--- a/arch/arm64/kernel/ptrace.c
+++ b/arch/arm64/kernel/ptrace.c
@@ -2420,7 +2420,7 @@ int syscall_trace_enter(struct pt_regs *
}
/* Do the secure computing after ptrace; failures should be fast. */
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return NO_SYSCALL;
if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
--- a/arch/csky/kernel/ptrace.c
+++ b/arch/csky/kernel/ptrace.c
@@ -323,7 +323,7 @@ asmlinkage int syscall_trace_enter(struc
if (ptrace_report_syscall_entry(regs))
return -1;
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
--- a/arch/m68k/kernel/ptrace.c
+++ b/arch/m68k/kernel/ptrace.c
@@ -281,7 +281,7 @@ asmlinkage int syscall_trace_enter(void)
if (test_thread_flag(TIF_SYSCALL_TRACE))
ret = ptrace_report_syscall_entry(task_pt_regs(current));
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
return ret;
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@ -1328,7 +1328,7 @@ asmlinkage long syscall_trace_enter(stru
return -1;
}
- if (secure_computing())
+ if (!seccomp_permit_syscall())
return -1;
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
--- a/arch/parisc/kernel/ptrace.c
+++ b/arch/parisc/kernel/ptrace.c
@@ -351,7 +351,7 @@ long do_syscall_trace_enter(struct pt_re
}
/* Do the secure computing check after ptrace. */
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
#ifdef CONFIG_HAVE_SYSCALL_TRACEPOINTS
--- a/arch/sh/kernel/ptrace_32.c
+++ b/arch/sh/kernel/ptrace_32.c
@@ -460,7 +460,7 @@ asmlinkage long do_syscall_trace_enter(s
return -1;
}
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
return -1;
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
--- a/arch/um/kernel/skas/syscall.c
+++ b/arch/um/kernel/skas/syscall.c
@@ -27,7 +27,7 @@ void handle_syscall(struct uml_pt_regs *
goto out;
/* Do the seccomp check after ptrace; failures should be fast. */
- if (secure_computing() == -1)
+ if (!seccomp_permit_syscall())
goto out;
syscall = UPT_SYSCALL_NR(r);
--- a/arch/x86/entry/vsyscall/vsyscall_64.c
+++ b/arch/x86/entry/vsyscall/vsyscall_64.c
@@ -118,10 +118,10 @@ static bool write_ok_or_segv(unsigned lo
static bool __emulate_vsyscall(struct pt_regs *regs, unsigned long address)
{
- unsigned long caller;
- int vsyscall_nr, syscall_nr, tmp;
+ unsigned long caller, orig_dx;
+ int vsyscall_nr, syscall_nr;
+ bool skip;
long ret;
- unsigned long orig_dx;
/* Confirm that the fault happened in 64-bit user mode */
if (!user_64bit_mode(regs))
@@ -197,16 +197,16 @@ static bool __emulate_vsyscall(struct pt
*/
regs->orig_ax = syscall_nr;
regs->ax = -ENOSYS;
- tmp = secure_computing();
- if ((!tmp && regs->orig_ax != syscall_nr) || regs->ip != address) {
+ skip = !seccomp_permit_syscall();
+ if ((!skip && regs->orig_ax != syscall_nr) || regs->ip != address) {
warn_bad_vsyscall(KERN_DEBUG, regs,
"seccomp tried to change syscall nr or ip");
force_exit_sig(SIGSYS);
return true;
}
regs->orig_ax = -1;
- if (tmp)
- goto do_ret; /* skip requested */
+ if (skip)
+ goto do_ret;
/*
* With a real vsyscall, page faults cause SIGSEGV.
--- a/arch/xtensa/kernel/ptrace.c
+++ b/arch/xtensa/kernel/ptrace.c
@@ -553,8 +553,7 @@ int do_syscall_trace_enter(struct pt_reg
return 0;
}
- if (regs->syscall == NO_SYSCALL ||
- secure_computing() == -1) {
+ if (regs->syscall == NO_SYSCALL || !seccomp_permit_syscall()) {
do_syscall_trace_leave(regs);
return 0;
}
--- a/include/linux/entry-common.h
+++ b/include/linux/entry-common.h
@@ -102,9 +102,8 @@ static __always_inline long syscall_trac
/* Do seccomp after ptrace, to catch any tracer changes. */
if (work & SYSCALL_WORK_SECCOMP) {
- ret = __secure_computing();
- if (ret == -1L)
- return ret;
+ if (!__seccomp_permit_syscall())
+ return -1L;
}
/* Either of the above might have changed the syscall number */
@@ -115,7 +114,7 @@ static __always_inline long syscall_trac
syscall_enter_audit(regs, syscall);
- return ret ? : syscall;
+ return syscall;
}
/**
@@ -138,7 +137,7 @@ static __always_inline long syscall_trac
* It handles the following work items:
*
* 1) syscall_work flag dependent invocations of
- * ptrace_report_syscall_entry(), __secure_computing(), trace_sys_enter()
+ * ptrace_report_syscall_entry(), __seccomp_permit_syscall(), trace_sys_enter()
* 2) Invocation of audit_syscall_entry()
*/
static __always_inline long syscall_enter_from_user_mode_work(struct pt_regs *regs, long syscall)
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -22,14 +22,14 @@
#include <linux/atomic.h>
#include <asm/seccomp.h>
-extern int __secure_computing(void);
+extern bool __seccomp_permit_syscall(void);
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
-static inline int secure_computing(void)
+static __always_inline bool seccomp_permit_syscall(void)
{
if (unlikely(test_syscall_work(SECCOMP)))
- return __secure_computing();
- return 0;
+ return __seccomp_permit_syscall();
+ return true;
}
#else
extern void secure_computing_strict(int this_syscall);
@@ -50,11 +50,11 @@ static inline int seccomp_mode(struct se
struct seccomp_data;
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
-static inline int secure_computing(void) { return 0; }
+static inline bool seccomp_permit_syscall(void) { return true; }
#else
static inline void secure_computing_strict(int this_syscall) { return; }
#endif
-static inline int __secure_computing(void) { return 0; }
+static inline bool __seccomp_permit_syscall(void) { return true; }
static inline long prctl_get_seccomp(void)
{
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -1100,12 +1100,13 @@ void secure_computing_strict(int this_sy
else
BUG();
}
-int __secure_computing(void)
+
+bool __seccomp_permit_syscall(void)
{
int this_syscall = syscall_get_nr(current, current_pt_regs());
secure_computing_strict(this_syscall);
- return 0;
+ return true;
}
#else
@@ -1256,7 +1257,7 @@ static int seccomp_do_user_notification(
return -1;
}
-static int __seccomp_filter(int this_syscall, const bool recheck_after_trace)
+static bool __seccomp_filter(int this_syscall, const bool recheck_after_trace)
{
u32 filter_ret, action;
struct seccomp_data sd;
@@ -1294,7 +1295,7 @@ static int __seccomp_filter(int this_sys
case SECCOMP_RET_TRACE:
/* We've been put in this state by the ptracer already. */
if (recheck_after_trace)
- return 0;
+ return true;
/* ENOSYS these calls if there is no tracer attached. */
if (!ptrace_event_enabled(current, PTRACE_EVENT_SECCOMP)) {
@@ -1330,19 +1331,19 @@ static int __seccomp_filter(int this_sys
* a skip would have already been reported.
*/
if (__seccomp_filter(this_syscall, true))
- return -1;
+ return false;
- return 0;
+ return true;
case SECCOMP_RET_USER_NOTIF:
if (seccomp_do_user_notification(this_syscall, match, &sd))
goto skip;
- return 0;
+ return true;
case SECCOMP_RET_LOG:
seccomp_log(this_syscall, 0, action, true);
- return 0;
+ return true;
case SECCOMP_RET_ALLOW:
/*
@@ -1350,7 +1351,7 @@ static int __seccomp_filter(int this_sys
* this action since SECCOMP_RET_ALLOW is the starting
* state in seccomp_run_filters().
*/
- return 0;
+ return true;
case SECCOMP_RET_KILL_THREAD:
case SECCOMP_RET_KILL_PROCESS:
@@ -1367,46 +1368,46 @@ static int __seccomp_filter(int this_sys
} else {
do_exit(SIGSYS);
}
- return -1; /* skip the syscall go directly to signal handling */
+ return false; /* skip the syscall go directly to signal handling */
}
unreachable();
skip:
seccomp_log(this_syscall, 0, action, match ? match->log : false);
- return -1;
+ return false;
}
#else
-static int __seccomp_filter(int this_syscall, const bool recheck_after_trace)
+static bool __seccomp_filter(int this_syscall, const bool recheck_after_trace)
{
BUG();
- return -1;
+ return false;
}
#endif
-int __secure_computing(void)
+bool __seccomp_permit_syscall(void)
{
int mode = current->seccomp.mode;
int this_syscall;
if (IS_ENABLED(CONFIG_CHECKPOINT_RESTORE) &&
unlikely(current->ptrace & PT_SUSPEND_SECCOMP))
- return 0;
+ return true;
this_syscall = syscall_get_nr(current, current_pt_regs());
switch (mode) {
case SECCOMP_MODE_STRICT:
__secure_computing_strict(this_syscall); /* may call do_exit */
- return 0;
+ return true;
case SECCOMP_MODE_FILTER:
return __seccomp_filter(this_syscall, false);
/* Surviving SECCOMP_RET_KILL_* must be proactively impossible. */
case SECCOMP_MODE_DEAD:
WARN_ON_ONCE(1);
do_exit(SIGKILL);
- return -1;
+ return false;
default:
BUG();
}
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2026-07-07 19:06 UTC|newest]
Thread overview: 304+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-07 19:05 [patch 00/18] entry: Consolidate and rework syscall entry handling Thomas Gleixner
2026-07-07 19:05 ` Thomas Gleixner
2026-07-07 19:05 ` Thomas Gleixner
2026-07-07 19:05 ` [patch 01/18] powerpc: Move stack randomization after syscall_enter_from_user_mode() Thomas Gleixner
2026-07-07 19:05 ` Thomas Gleixner
2026-07-07 19:05 ` Thomas Gleixner
2026-07-08 14:07 ` Shrikanth Hegde
2026-07-08 14:07 ` Shrikanth Hegde
2026-07-08 14:07 ` Shrikanth Hegde
2026-07-08 17:22 ` Radu Rendec
2026-07-08 17:22 ` Radu Rendec
2026-07-08 17:22 ` Radu Rendec
2026-07-09 1:20 ` Jinjie Ruan
2026-07-09 1:20 ` Jinjie Ruan
2026-07-09 1:20 ` Jinjie Ruan
2026-07-09 11:12 ` Philippe Mathieu-Daudé
2026-07-09 11:12 ` Philippe Mathieu-Daudé
2026-07-09 11:12 ` Philippe Mathieu-Daudé
2026-07-09 18:32 ` Mukesh Kumar Chaurasiya
2026-07-09 18:32 ` Mukesh Kumar Chaurasiya
2026-07-09 18:32 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` [patch 02/18] randomize_kstack: Provide add_random_kstack_offset_irqsoff() Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 17:24 ` Radu Rendec
2026-07-08 17:24 ` Radu Rendec
2026-07-08 17:24 ` Radu Rendec
2026-07-09 2:13 ` Jinjie Ruan
2026-07-09 2:13 ` Jinjie Ruan
2026-07-09 2:13 ` Jinjie Ruan
2026-07-09 16:23 ` Kees Cook
2026-07-09 16:23 ` Kees Cook
2026-07-09 16:23 ` Kees Cook
2026-07-09 18:34 ` Mukesh Kumar Chaurasiya
2026-07-09 18:34 ` Mukesh Kumar Chaurasiya
2026-07-09 18:34 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` [patch 03/18] entry: Provide [syscall_]enter_from_user_mode_randomize_stack() Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 17:26 ` Radu Rendec
2026-07-08 17:26 ` Radu Rendec
2026-07-08 17:26 ` Radu Rendec
2026-07-09 2:34 ` Jinjie Ruan
2026-07-09 2:34 ` Jinjie Ruan
2026-07-09 2:34 ` Jinjie Ruan
2026-07-09 3:46 ` Jinjie Ruan
2026-07-09 3:46 ` Jinjie Ruan
2026-07-09 3:46 ` Jinjie Ruan
2026-07-09 11:15 ` Philippe Mathieu-Daudé
2026-07-09 11:15 ` Philippe Mathieu-Daudé
2026-07-09 11:15 ` Philippe Mathieu-Daudé
2026-07-09 20:16 ` Mukesh Kumar Chaurasiya
2026-07-09 20:16 ` Mukesh Kumar Chaurasiya
2026-07-09 20:16 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` [patch 04/18] loongarch/syscall: Use syscall_enter_from_user_mode_randomize_stack() Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 18:37 ` Radu Rendec
2026-07-08 18:37 ` Radu Rendec
2026-07-08 18:37 ` Radu Rendec
2026-07-09 2:37 ` Jinjie Ruan
2026-07-09 2:37 ` Jinjie Ruan
2026-07-09 2:37 ` Jinjie Ruan
2026-07-09 11:15 ` Philippe Mathieu-Daudé
2026-07-09 11:15 ` Philippe Mathieu-Daudé
2026-07-09 11:15 ` Philippe Mathieu-Daudé
2026-07-09 18:40 ` Mukesh Kumar Chaurasiya
2026-07-09 18:40 ` Mukesh Kumar Chaurasiya
2026-07-09 18:40 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` [patch 05/18] powerpc/syscall: " Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 18:35 ` Radu Rendec
2026-07-08 18:35 ` Radu Rendec
2026-07-08 18:35 ` Radu Rendec
2026-07-09 2:38 ` Jinjie Ruan
2026-07-09 2:38 ` Jinjie Ruan
2026-07-09 2:38 ` Jinjie Ruan
2026-07-09 11:16 ` Philippe Mathieu-Daudé
2026-07-09 11:16 ` Philippe Mathieu-Daudé
2026-07-09 11:16 ` Philippe Mathieu-Daudé
2026-07-09 18:41 ` Mukesh Kumar Chaurasiya
2026-07-09 18:41 ` Mukesh Kumar Chaurasiya
2026-07-09 18:41 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` [patch 06/18] riscv/syscall: " Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 20:57 ` Radu Rendec
2026-07-08 20:57 ` Radu Rendec
2026-07-08 20:57 ` Radu Rendec
2026-07-09 2:38 ` Jinjie Ruan
2026-07-09 2:38 ` Jinjie Ruan
2026-07-09 2:38 ` Jinjie Ruan
2026-07-09 11:16 ` Philippe Mathieu-Daudé
2026-07-09 11:16 ` Philippe Mathieu-Daudé
2026-07-09 11:16 ` Philippe Mathieu-Daudé
2026-07-09 18:42 ` Mukesh Kumar Chaurasiya
2026-07-09 18:42 ` Mukesh Kumar Chaurasiya
2026-07-09 18:42 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-13 7:06 ` [patch 06/18] " Guo Ren
2026-07-13 7:06 ` Guo Ren
2026-07-13 7:06 ` Guo Ren
2026-07-07 19:06 ` [patch 07/18] s390/syscall: Use enter_from_user_mode_randomize_stack() Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 6:47 ` Sven Schnelle
2026-07-08 6:47 ` Sven Schnelle
2026-07-08 6:47 ` Sven Schnelle
2026-07-08 20:57 ` Radu Rendec
2026-07-08 20:57 ` Radu Rendec
2026-07-08 20:57 ` Radu Rendec
2026-07-09 2:39 ` Jinjie Ruan
2026-07-09 2:39 ` Jinjie Ruan
2026-07-09 2:39 ` Jinjie Ruan
2026-07-09 2:46 ` Jinjie Ruan
2026-07-09 2:46 ` Jinjie Ruan
2026-07-09 2:46 ` Jinjie Ruan
2026-07-09 11:17 ` Philippe Mathieu-Daudé
2026-07-09 11:17 ` Philippe Mathieu-Daudé
2026-07-09 11:17 ` Philippe Mathieu-Daudé
2026-07-09 18:43 ` Mukesh Kumar Chaurasiya
2026-07-09 18:43 ` Mukesh Kumar Chaurasiya
2026-07-09 18:43 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` [patch 08/18] x86/syscall: Use [syscall_]enter_from_user_mode_randomize_stack() Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 20:59 ` Radu Rendec
2026-07-08 20:59 ` Radu Rendec
2026-07-08 20:59 ` Radu Rendec
2026-07-09 2:44 ` Jinjie Ruan
2026-07-09 2:44 ` Jinjie Ruan
2026-07-09 2:44 ` Jinjie Ruan
2026-07-09 11:18 ` Philippe Mathieu-Daudé
2026-07-09 11:18 ` Philippe Mathieu-Daudé
2026-07-09 11:18 ` Philippe Mathieu-Daudé
2026-07-09 18:45 ` Mukesh Kumar Chaurasiya
2026-07-09 18:45 ` Mukesh Kumar Chaurasiya
2026-07-09 18:45 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` [patch 09/18] entry: Remove syscall_enter_from_user_mode() Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 21:21 ` Radu Rendec
2026-07-08 21:21 ` Radu Rendec
2026-07-08 21:21 ` Radu Rendec
2026-07-08 22:08 ` Thomas Gleixner
2026-07-08 22:08 ` Thomas Gleixner
2026-07-08 22:08 ` Thomas Gleixner
2026-07-09 2:49 ` Jinjie Ruan
2026-07-09 2:49 ` Jinjie Ruan
2026-07-09 2:49 ` Jinjie Ruan
2026-07-09 18:49 ` Mukesh Kumar Chaurasiya
2026-07-09 18:49 ` Mukesh Kumar Chaurasiya
2026-07-09 18:49 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` [patch 10/18] entry: Use syscall number instead of rereading it Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 21:39 ` Radu Rendec
2026-07-08 21:39 ` Radu Rendec
2026-07-08 21:39 ` Radu Rendec
2026-07-09 2:55 ` Jinjie Ruan
2026-07-09 2:55 ` Jinjie Ruan
2026-07-09 2:55 ` Jinjie Ruan
2026-07-09 11:20 ` Philippe Mathieu-Daudé
2026-07-09 11:20 ` Philippe Mathieu-Daudé
2026-07-09 11:20 ` Philippe Mathieu-Daudé
2026-07-09 11:22 ` Philippe Mathieu-Daudé
2026-07-09 11:22 ` Philippe Mathieu-Daudé
2026-07-09 11:22 ` Philippe Mathieu-Daudé
2026-07-09 18:50 ` Mukesh Kumar Chaurasiya
2026-07-09 18:50 ` Mukesh Kumar Chaurasiya
2026-07-09 18:50 ` Mukesh Kumar Chaurasiya
2026-07-12 12:44 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner [this message]
2026-07-07 19:06 ` [patch 11/18] seccomp, treewide: Rename and convert __secure_computing() to return boolean Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 1:43 ` Jinjie Ruan
2026-07-08 1:43 ` Jinjie Ruan
2026-07-08 1:43 ` Jinjie Ruan
2026-07-08 9:15 ` Thomas Gleixner
2026-07-08 9:15 ` Thomas Gleixner
2026-07-08 9:15 ` Thomas Gleixner
2026-07-08 16:04 ` Oleg Nesterov
2026-07-08 16:04 ` Oleg Nesterov
2026-07-08 16:04 ` Oleg Nesterov
2026-07-08 21:49 ` Thomas Gleixner
2026-07-08 21:49 ` Thomas Gleixner
2026-07-08 21:49 ` Thomas Gleixner
2026-07-09 16:22 ` Kees Cook
2026-07-09 16:22 ` Kees Cook
2026-07-09 16:22 ` Kees Cook
2026-07-09 19:10 ` Mukesh Kumar Chaurasiya
2026-07-09 19:10 ` Mukesh Kumar Chaurasiya
2026-07-09 19:10 ` Mukesh Kumar Chaurasiya
2026-07-12 12:43 ` [tip: core/entry] " tip-bot2 for Jinjie Ruan
2026-07-07 19:06 ` [patch 12/18] ptrace, treewide: Rename ptrace_report_syscall_entry() to ptrace_report_syscall_permit_entry() Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 15:46 ` Oleg Nesterov
2026-07-08 15:46 ` Oleg Nesterov
2026-07-08 15:46 ` Oleg Nesterov
2026-07-09 1:41 ` Jinjie Ruan
2026-07-09 1:41 ` Jinjie Ruan
2026-07-09 1:41 ` Jinjie Ruan
2026-07-09 8:41 ` Geert Uytterhoeven
2026-07-09 8:41 ` Geert Uytterhoeven
2026-07-09 8:41 ` Geert Uytterhoeven
2026-07-09 17:03 ` Radu Rendec
2026-07-09 17:03 ` Radu Rendec
2026-07-09 17:03 ` Radu Rendec
2026-07-09 19:22 ` Mukesh Kumar Chaurasiya
2026-07-09 19:22 ` Mukesh Kumar Chaurasiya
2026-07-09 19:22 ` Mukesh Kumar Chaurasiya
2026-07-10 10:42 ` Michal Suchánek
2026-07-10 10:42 ` Michal Suchánek
2026-07-10 11:16 ` Oleg Nesterov
2026-07-10 11:16 ` Oleg Nesterov
2026-07-10 11:16 ` Oleg Nesterov
2026-07-12 12:43 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:06 ` [patch 13/18] entry: Make trace_syscall_enter() return type bool Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-08 15:52 ` Michal Suchánek
2026-07-08 15:52 ` Michal Suchánek
2026-07-08 15:52 ` Michal Suchánek
2026-07-08 20:34 ` Thomas Gleixner
2026-07-08 20:34 ` Thomas Gleixner
2026-07-08 20:34 ` Thomas Gleixner
2026-07-08 23:14 ` Thomas Gleixner
2026-07-08 23:14 ` Thomas Gleixner
2026-07-08 23:14 ` Thomas Gleixner
2026-07-09 16:26 ` David Laight
2026-07-09 16:26 ` David Laight
2026-07-09 16:26 ` David Laight
2026-07-10 11:01 ` Michal Suchánek
2026-07-10 11:01 ` Michal Suchánek
2026-07-10 11:40 ` Oleg Nesterov
2026-07-10 11:40 ` Oleg Nesterov
2026-07-10 11:40 ` Oleg Nesterov
2026-07-10 12:32 ` Michal Suchánek
2026-07-10 12:32 ` Michal Suchánek
2026-07-10 12:32 ` Michal Suchánek
2026-07-10 12:52 ` Oleg Nesterov
2026-07-10 12:52 ` Oleg Nesterov
2026-07-10 12:52 ` Oleg Nesterov
2026-07-10 15:20 ` Michal Suchánek
2026-07-10 15:20 ` Michal Suchánek
2026-07-11 20:33 ` Thomas Gleixner
2026-07-11 20:33 ` Thomas Gleixner
2026-07-11 20:33 ` Thomas Gleixner
2026-07-14 8:20 ` Michal Suchánek
2026-07-07 19:06 ` [patch 14/18] entry: Make return type of syscall_trace_enter() bool Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-09 19:36 ` Mukesh Kumar Chaurasiya
2026-07-09 19:36 ` Mukesh Kumar Chaurasiya
2026-07-09 19:36 ` Mukesh Kumar Chaurasiya
2026-07-07 19:06 ` [patch 15/18] x86/entry: Make syscall functions static Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-07 19:06 ` Thomas Gleixner
2026-07-09 1:47 ` Jinjie Ruan
2026-07-09 1:47 ` Jinjie Ruan
2026-07-09 1:47 ` Jinjie Ruan
2026-07-09 19:43 ` Mukesh Kumar Chaurasiya
2026-07-09 19:43 ` Mukesh Kumar Chaurasiya
2026-07-09 19:43 ` Mukesh Kumar Chaurasiya
2026-07-12 12:43 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:07 ` [patch 16/18] x86/entry: Get rid of the sys_ni_syscall() indirection Thomas Gleixner
2026-07-07 19:07 ` Thomas Gleixner
2026-07-07 19:07 ` Thomas Gleixner
2026-07-09 2:03 ` Jinjie Ruan
2026-07-09 2:03 ` Jinjie Ruan
2026-07-09 2:03 ` Jinjie Ruan
2026-07-12 12:43 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:07 ` [patch 17/18] x86/entry: Simplify the syscall number logic Thomas Gleixner
2026-07-07 19:07 ` Thomas Gleixner
2026-07-07 19:07 ` Thomas Gleixner
2026-07-12 12:43 ` [tip: core/entry] " tip-bot2 for Thomas Gleixner
2026-07-07 19:07 ` [patch 18/18] entry, treewide: Make syscall_enter_from_user_mode[_work]() indicate syscall execution Thomas Gleixner
2026-07-07 19:07 ` Thomas Gleixner
2026-07-07 19:07 ` Thomas Gleixner
2026-07-08 5:21 ` Shrikanth Hegde
2026-07-08 5:21 ` Shrikanth Hegde
2026-07-08 5:21 ` Shrikanth Hegde
2026-07-08 9:16 ` Thomas Gleixner
2026-07-08 9:16 ` Thomas Gleixner
2026-07-08 9:16 ` Thomas Gleixner
2026-07-09 19:49 ` Mukesh Kumar Chaurasiya
2026-07-09 19:49 ` Mukesh Kumar Chaurasiya
2026-07-09 19:49 ` Mukesh Kumar Chaurasiya
2026-07-09 20:15 ` [patch 00/18] entry: Consolidate and rework syscall entry handling Mukesh Kumar Chaurasiya
2026-07-09 20:15 ` Mukesh Kumar Chaurasiya
2026-07-09 20:15 ` Mukesh Kumar Chaurasiya
2026-07-11 12:29 ` Magnus Lindholm
2026-07-11 12:29 ` Magnus Lindholm
2026-07-11 12:29 ` Magnus Lindholm
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260707190254.230735780@kernel.org \
--to=tglx@kernel.org \
--cc=andreas@gaisler.com \
--cc=arnd@arndb.de \
--cc=bcain@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=chenhuacai@kernel.org \
--cc=chris@zankel.net \
--cc=corbet@lwn.net \
--cc=davem@davemloft.net \
--cc=deller@gmx.de \
--cc=dinguyen@kernel.org \
--cc=geert@linux-m68k.org \
--cc=guoren@kernel.org \
--cc=kees@kernel.org \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-csky@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-hexagon@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-m68k@lists.linux-m68k.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-openrisc@vger.kernel.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux-sh@vger.kernel.org \
--cc=linux-snps-arc@lists.infradead.org \
--cc=linux-um@lists.infradead.org \
--cc=linux@armlinux.org.uk \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=loongarch@lists.linux.dev \
--cc=luto@kernel.org \
--cc=mark.rutland@arm.com \
--cc=monstr@monstr.eu \
--cc=mpe@ellerman.id.au \
--cc=msuchanek@suse.de \
--cc=oleg@redhat.com \
--cc=palmer@dabbelt.com \
--cc=peterz@infradead.org \
--cc=pjw@kernel.org \
--cc=richard.henderson@linaro.org \
--cc=richard@nod.at \
--cc=ruanjinjie@huawei.com \
--cc=sparclinux@vger.kernel.org \
--cc=sshegde@linux.ibm.com \
--cc=svens@linux.ibm.com \
--cc=tsbogend@alpha.franken.de \
--cc=vgupta@kernel.org \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=ysato@users.sourceforge.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.