From: Ada Couprie Diaz <ada.coupriediaz@arm.com>
To: Jinjie Ruan <ruanjinjie@huawei.com>
Cc: mark.rutland@arm.com, peterz@infradead.org,
catalin.marinas@arm.com, ldv@strace.io, song@kernel.org,
will@kernel.org, kees@kernel.org, thuth@redhat.com,
ryan.roberts@arm.com, anshuman.khandual@arm.com,
kevin.brodsky@arm.com, pengcan@kylinos.cn, broonie@kernel.org,
luto@kernel.org, linux-arm-kernel@lists.infradead.org,
wad@chromium.org, yeoreum.yun@arm.com, oleg@redhat.com,
linux-kernel@vger.kernel.org, james.morse@arm.com,
tglx@kernel.org, liqiang01@kylinos.cn, linusw@kernel.org
Subject: Re: [PATCH v15 04/11] arm64/ptrace: Expand secure_computing() in place
Date: Wed, 24 Jun 2026 14:43:33 +0100 [thread overview]
Message-ID: <af2f23cc-331a-4145-abdd-eaa8fe4039d6@arm.com> (raw)
In-Reply-To: <20260511092103.1974980-5-ruanjinjie@huawei.com>
On 11/05/2026 10:20, Jinjie Ruan wrote:
> Refactor syscall_trace_enter() by open-coding the seccomp check
> to align with the generic entry framework.
>
> [Background]
> The generic entry implementation expands the seccomp check in-place
> instead of using the secure_computing() wrapper. It directly tests
> SYSCALL_WORK_SECCOMP and calls the underlying __secure_computing()
> function to handle syscall filtering.
>
> [Changes]
> 1. Open-code seccomp check:
> - Instead of calling the secure_computing() wrapper, explicitly check
> the 'flags' parameter for _TIF_SECCOMP.
> - Call __secure_computing() directly if the flag is set.
>
> [Why this matters]
> - Aligns the arm64 syscall path with the generic entry implementation,
> simplifying future migration to the generic entry framework.
> - No functional changes are intended; seccomp behavior remains identical.
>
> Cc: Mark Rutland <mark.rutland@arm.com>
> Cc: Will Deacon <will@kernel.org>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Reviewed-by: Linus Walleij <linusw@kernel.org>
> Reviewed-by: Yeoreum Yun <yeoreum.yun@arm.com>
> Reviewed-by: Kevin Brodsky <kevin.brodsky@arm.com>
> Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
> ---
Reviewed-by: Ada Couprie Diaz <ada.coupriediaz@arm.com>
WARNING: multiple messages have this Message-ID (diff)
From: Ada Couprie Diaz <ada.coupriediaz@arm.com>
To: Jinjie Ruan <ruanjinjie@huawei.com>
Cc: Ada Couprie Diaz <ada.coupriediaz@arm.com>,
catalin.marinas@arm.com, will@kernel.org, oleg@redhat.com,
tglx@kernel.org, peterz@infradead.org, luto@kernel.org,
kees@kernel.org, wad@chromium.org, mark.rutland@arm.com,
yeoreum.yun@arm.com, linusw@kernel.org, kevin.brodsky@arm.com,
ldv@strace.io, thuth@redhat.com, james.morse@arm.com,
song@kernel.org, anshuman.khandual@arm.com, broonie@kernel.org,
ryan.roberts@arm.com, pengcan@kylinos.cn, liqiang01@kylinos.cn,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v15 04/11] arm64/ptrace: Expand secure_computing() in place
Date: Wed, 24 Jun 2026 14:43:33 +0100 [thread overview]
Message-ID: <af2f23cc-331a-4145-abdd-eaa8fe4039d6@arm.com> (raw)
In-Reply-To: <20260511092103.1974980-5-ruanjinjie@huawei.com>
On 11/05/2026 10:20, Jinjie Ruan wrote:
> Refactor syscall_trace_enter() by open-coding the seccomp check
> to align with the generic entry framework.
>
> [Background]
> The generic entry implementation expands the seccomp check in-place
> instead of using the secure_computing() wrapper. It directly tests
> SYSCALL_WORK_SECCOMP and calls the underlying __secure_computing()
> function to handle syscall filtering.
>
> [Changes]
> 1. Open-code seccomp check:
> - Instead of calling the secure_computing() wrapper, explicitly check
> the 'flags' parameter for _TIF_SECCOMP.
> - Call __secure_computing() directly if the flag is set.
>
> [Why this matters]
> - Aligns the arm64 syscall path with the generic entry implementation,
> simplifying future migration to the generic entry framework.
> - No functional changes are intended; seccomp behavior remains identical.
>
> Cc: Mark Rutland <mark.rutland@arm.com>
> Cc: Will Deacon <will@kernel.org>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Reviewed-by: Linus Walleij <linusw@kernel.org>
> Reviewed-by: Yeoreum Yun <yeoreum.yun@arm.com>
> Reviewed-by: Kevin Brodsky <kevin.brodsky@arm.com>
> Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com>
> ---
Reviewed-by: Ada Couprie Diaz <ada.coupriediaz@arm.com>
next prev parent reply other threads:[~2026-06-24 13:43 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-11 9:20 [PATCH v15 00/11] arm64: entry: Convert to Generic Entry Jinjie Ruan
2026-05-11 9:20 ` [PATCH v15 01/11] entry: Fix potential syscall truncation in syscall_trace_enter() Jinjie Ruan
2026-05-27 12:21 ` Linus Walleij
2026-05-27 12:21 ` Linus Walleij
2026-06-24 13:34 ` Ada Couprie Diaz
2026-06-24 13:34 ` Ada Couprie Diaz
2026-06-24 17:34 ` Thomas Gleixner
2026-05-11 9:20 ` [PATCH v15 02/11] arm64/ptrace: Refactor syscall_trace_enter/exit() to accept flags parameter Jinjie Ruan
2026-06-24 13:38 ` Ada Couprie Diaz
2026-06-24 13:38 ` Ada Couprie Diaz
2026-05-11 9:20 ` [PATCH v15 03/11] arm64/ptrace: Use syscall_get_nr() helper for syscall_trace_enter() Jinjie Ruan
2026-06-24 13:42 ` Ada Couprie Diaz
2026-06-24 13:42 ` Ada Couprie Diaz
2026-05-11 9:20 ` [PATCH v15 04/11] arm64/ptrace: Expand secure_computing() in place Jinjie Ruan
2026-06-24 13:43 ` Ada Couprie Diaz [this message]
2026-06-24 13:43 ` Ada Couprie Diaz
2026-05-11 9:20 ` [PATCH v15 05/11] arm64/ptrace: Use syscall_get_arguments() helper for audit Jinjie Ruan
2026-06-24 13:44 ` Ada Couprie Diaz
2026-06-24 13:44 ` Ada Couprie Diaz
2026-05-11 9:20 ` [PATCH v15 06/11] arm64: ptrace: Move rseq_syscall() before audit_syscall_exit() Jinjie Ruan
2026-06-24 13:46 ` Ada Couprie Diaz
2026-06-24 13:46 ` Ada Couprie Diaz
2026-05-11 9:20 ` [PATCH v15 07/11] arm64: syscall: Introduce syscall_exit_to_user_mode_work() Jinjie Ruan
2026-06-24 14:37 ` Ada Couprie Diaz
2026-06-24 14:37 ` Ada Couprie Diaz
2026-05-11 9:21 ` [PATCH v15 08/11] arm64/ptrace: Define and use _TIF_SYSCALL_EXIT_WORK Jinjie Ruan
2026-06-24 14:53 ` Ada Couprie Diaz
2026-06-24 14:53 ` Ada Couprie Diaz
2026-05-11 9:21 ` [PATCH v15 09/11] arm64/ptrace: Skip syscall exit reporting for PTRACE_SYSEMU_SINGLESTEP Jinjie Ruan
2026-06-24 14:55 ` Ada Couprie Diaz
2026-06-24 14:55 ` Ada Couprie Diaz
2026-05-11 9:21 ` [PATCH v15 10/11] arm64: entry: Convert to generic entry Jinjie Ruan
2026-06-24 15:32 ` Ada Couprie Diaz
2026-06-24 15:32 ` Ada Couprie Diaz
2026-05-11 9:21 ` [PATCH v15 11/11] arm64: Inline el0_svc_common() Jinjie Ruan
2026-06-24 15:36 ` Ada Couprie Diaz
2026-06-24 15:36 ` Ada Couprie Diaz
2026-06-17 16:27 ` [PATCH v15 00/11] arm64: entry: Convert to Generic Entry Ada Couprie Diaz
2026-06-17 16:27 ` Ada Couprie Diaz
2026-06-24 15:44 ` Ada Couprie Diaz
2026-06-24 15:44 ` Ada Couprie Diaz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=af2f23cc-331a-4145-abdd-eaa8fe4039d6@arm.com \
--to=ada.coupriediaz@arm.com \
--cc=anshuman.khandual@arm.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=james.morse@arm.com \
--cc=kees@kernel.org \
--cc=kevin.brodsky@arm.com \
--cc=ldv@strace.io \
--cc=linusw@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=liqiang01@kylinos.cn \
--cc=luto@kernel.org \
--cc=mark.rutland@arm.com \
--cc=oleg@redhat.com \
--cc=pengcan@kylinos.cn \
--cc=peterz@infradead.org \
--cc=ruanjinjie@huawei.com \
--cc=ryan.roberts@arm.com \
--cc=song@kernel.org \
--cc=tglx@kernel.org \
--cc=thuth@redhat.com \
--cc=wad@chromium.org \
--cc=will@kernel.org \
--cc=yeoreum.yun@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.