From: "Michal Suchánek" <msuchanek@suse.de>
To: Mark Rutland <mark.rutland@arm.com>
Cc: Thomas Gleixner <tglx@kernel.org>,
Jinjie Ruan <ruanjinjie@huawei.com>,
oleg@redhat.com, richard.henderson@linaro.org,
mattst88@gmail.com, linmag7@gmail.com, linux@armlinux.org.uk,
catalin.marinas@arm.com, will@kernel.org, kees@kernel.org,
guoren@kernel.org, chenhuacai@kernel.org, kernel@xen0n.name,
geert@linux-m68k.org, tsbogend@alpha.franken.de,
James.Bottomley@hansenpartnership.com, deller@gmx.de,
maddy@linux.ibm.com, mpe@ellerman.id.au, npiggin@gmail.com,
chleroy@kernel.org, pjw@kernel.org, palmer@dabbelt.com,
aou@eecs.berkeley.edu, alex@ghiti.fr, hca@linux.ibm.com,
gor@linux.ibm.com, agordeev@linux.ibm.com,
borntraeger@linux.ibm.com, svens@linux.ibm.com,
ysato@users.sourceforge.jp, dalias@libc.org,
glaubitz@physik.fu-berlin.de, richard@nod.at,
anton.ivanov@cambridgegreys.com, johannes@sipsolutions.net,
luto@kernel.org, mingo@redhat.com, bp@alien8.de,
dave.hansen@linux.intel.com, hpa@zytor.com, chris@zankel.net,
jcmvbkbc@gmail.com, peterz@infradead.org, wad@chromium.org,
thuth@redhat.com, ada.coupriediaz@arm.com, kevin.brodsky@arm.com,
linusw@kernel.org, yeoreum.yun@arm.com, song@kernel.org,
james.morse@arm.com, anshuman.khandual@arm.com,
broonie@kernel.org, liqiang01@kylinos.cn, pengcan@kylinos.cn,
ryan.roberts@arm.com, yangtiezhu@loongson.cn,
sshegde@linux.ibm.com, mchauras@linux.ibm.com,
austin.kim@lge.com, jchrist@linux.ibm.com, arnd@arndb.de,
thomas.weissschuh@linutronix.de, sohil.mehta@intel.com,
andrew.cooper3@citrix.com, jgross@suse.com, kas@kernel.org,
x86@kernel.org, linux-alpha@vger.kernel.org,
linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org,
linux-csky@vger.kernel.org, loongarch@lists.linux.dev,
linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org,
linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org,
linux-sh@vger.kernel.org, linux-um@lists.infradead.org
Subject: Re: [PATCH v16 01/18] seccomp: Convert __secure_computing() to return boolean
Date: Fri, 3 Jul 2026 12:27:26 +0200 [thread overview]
Message-ID: <akeOjqMy7HVgRRCr@kunlun.suse.cz> (raw)
In-Reply-To: <akeIK5TRCjlKbzbp@J2N7QTR9R3>
On Fri, Jul 03, 2026 at 11:00:11AM +0100, Mark Rutland wrote:
> On Fri, Jul 03, 2026 at 11:48:49AM +0200, Thomas Gleixner wrote:
> > On Fri, Jul 03 2026 at 09:51, Michal Suchánek wrote:
> > > On Mon, Jun 29, 2026 at 09:05:59PM +0800, Jinjie Ruan wrote:
> > >> - if (secure_computing())
> > >> + if (!secure_computing())
> > >> return -1;
> > >
> > > Hello,
> > >
> > > I am not fond of this logic inversion. The boolean is meaningless in
> > > itself.
> > >
> > > Previously -1 was used to indicate that the syscall was filtered but you
> > > chose to invert the logic choosing true to mean syscall was not filtered.
> > >
> > > You could choose true to mean that syscall was fitered avoiding this
> > > inversion.
> >
> > That's just wrong. Boolean logic makes more sense with having
> > (!condition()). Just because the old 0/-1 nonsense had it the other way
> > round does not mean it has to stay that way.
>
> 100% agreed!
>
> Bikeshedding below; sorry.
>
> I think the bigger problem is just that secure_computing() is a terrible
> name that does not express the intended semantic -- it's not clear
> whether "secure computing" means "seccomp permit the syscall" or
> "seccomp is enabled and some special rules now apply" or something else
> entirely.
>
> If we're changing the return type, it might be worth renaming the
> function something like:
>
> seccomp_permits_syscall()
Then not only it is clear which way the boolean value should be
interpreted, it also pervents the accidental inversion of existing
calls. Overall great.
Thanks
Michal
next prev parent reply other threads:[~2026-07-03 10:27 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-29 13:05 [PATCH v16 00/18] arm64: entry: Convert to Generic Entry Jinjie Ruan
2026-06-29 13:05 ` [PATCH v16 01/18] seccomp: Convert __secure_computing() to return boolean Jinjie Ruan
2026-06-30 16:37 ` Ada Couprie Diaz
2026-07-03 7:51 ` Michal Suchánek
2026-07-03 9:48 ` Thomas Gleixner
2026-07-03 10:00 ` Mark Rutland
2026-07-03 10:27 ` Michal Suchánek [this message]
2026-07-03 11:59 ` Kevin Brodsky
2026-07-03 20:52 ` Thomas Gleixner
2026-07-03 21:01 ` H. Peter Anvin
2026-07-03 21:32 ` Linus Walleij
2026-06-29 13:06 ` [PATCH v16 02/18] syscall_user_dispatch: Introduce a weak fallback for arch_syscall_is_vdso_sigreturn() Jinjie Ruan
2026-07-03 11:13 ` Mukesh Kumar Chaurasiya
2026-07-03 11:43 ` Mark Rutland
2026-06-29 13:06 ` [PATCH v16 03/18] arm64: ptrace: Pass thread flags to syscall_trace_enter/exit() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 04/18] arm64: ptrace: Use syscall_get_nr() helper for syscall_trace_enter() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 05/18] arm64: ptrace: Expand secure_computing() in place Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 06/18] arm64: ptrace: Use syscall_get_arguments() helper for audit Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 07/18] arm64: ptrace: Protect rseq_syscall() from tracer PC modifications Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 08/18] arm64: ptrace: Rename syscall_trace_exit() to syscall_exit_work() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 09/18] arm64: syscall: Rework the syscall exit path in el0_svc_common() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 10/18] arm64: ptrace: Extract syscall_exit_to_user_mode_work() helper Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 11/18] arm64: ptrace: Align syscall exit work semantics with generic entry Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 12/18] arm64: syscall: Use exit-specific flags check in el0_svc_common() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 13/18] arm64: syscall: Simplify el0_svc_common() syscall exit path Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 14/18] arm64: syscall: Simplify syscall exit path in el0_svc_common() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 15/18] arm64: ptrace: Skip syscall exit reporting for PTRACE_SYSEMU_SINGLESTEP Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 16/18] arm64: entry: Convert to generic entry Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 17/18] arm64: Inline el0_svc_common() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 18/18] arm64: vdso: Expose sigreturn address on vdso to the kernel Jinjie Ruan
2026-06-30 15:14 ` Ada Couprie Diaz
2026-06-30 15:32 ` Thomas Weißschuh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=akeOjqMy7HVgRRCr@kunlun.suse.cz \
--to=msuchanek@suse.de \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ada.coupriediaz@arm.com \
--cc=agordeev@linux.ibm.com \
--cc=alex@ghiti.fr \
--cc=andrew.cooper3@citrix.com \
--cc=anshuman.khandual@arm.com \
--cc=anton.ivanov@cambridgegreys.com \
--cc=aou@eecs.berkeley.edu \
--cc=arnd@arndb.de \
--cc=austin.kim@lge.com \
--cc=borntraeger@linux.ibm.com \
--cc=bp@alien8.de \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=chenhuacai@kernel.org \
--cc=chleroy@kernel.org \
--cc=chris@zankel.net \
--cc=dalias@libc.org \
--cc=dave.hansen@linux.intel.com \
--cc=deller@gmx.de \
--cc=geert@linux-m68k.org \
--cc=glaubitz@physik.fu-berlin.de \
--cc=gor@linux.ibm.com \
--cc=guoren@kernel.org \
--cc=hca@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=james.morse@arm.com \
--cc=jchrist@linux.ibm.com \
--cc=jcmvbkbc@gmail.com \
--cc=jgross@suse.com \
--cc=johannes@sipsolutions.net \
--cc=kas@kernel.org \
--cc=kees@kernel.org \
--cc=kernel@xen0n.name \
--cc=kevin.brodsky@arm.com \
--cc=linmag7@gmail.com \
--cc=linusw@kernel.org \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-csky@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-m68k@lists.linux-m68k.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux-sh@vger.kernel.org \
--cc=linux-um@lists.infradead.org \
--cc=linux@armlinux.org.uk \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=liqiang01@kylinos.cn \
--cc=loongarch@lists.linux.dev \
--cc=luto@kernel.org \
--cc=maddy@linux.ibm.com \
--cc=mark.rutland@arm.com \
--cc=mattst88@gmail.com \
--cc=mchauras@linux.ibm.com \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=npiggin@gmail.com \
--cc=oleg@redhat.com \
--cc=palmer@dabbelt.com \
--cc=pengcan@kylinos.cn \
--cc=peterz@infradead.org \
--cc=pjw@kernel.org \
--cc=richard.henderson@linaro.org \
--cc=richard@nod.at \
--cc=ruanjinjie@huawei.com \
--cc=ryan.roberts@arm.com \
--cc=sohil.mehta@intel.com \
--cc=song@kernel.org \
--cc=sshegde@linux.ibm.com \
--cc=svens@linux.ibm.com \
--cc=tglx@kernel.org \
--cc=thomas.weissschuh@linutronix.de \
--cc=thuth@redhat.com \
--cc=tsbogend@alpha.franken.de \
--cc=wad@chromium.org \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=yangtiezhu@loongson.cn \
--cc=yeoreum.yun@arm.com \
--cc=ysato@users.sourceforge.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox