From: Thomas Gleixner <tglx@kernel.org>
To: "Michal Suchánek" <msuchanek@suse.de>,
"Jinjie Ruan" <ruanjinjie@huawei.com>
Cc: oleg@redhat.com, richard.henderson@linaro.org,
mattst88@gmail.com, linmag7@gmail.com, linux@armlinux.org.uk,
catalin.marinas@arm.com, will@kernel.org, kees@kernel.org,
guoren@kernel.org, chenhuacai@kernel.org, kernel@xen0n.name,
geert@linux-m68k.org, tsbogend@alpha.franken.de,
James.Bottomley@hansenpartnership.com, deller@gmx.de,
maddy@linux.ibm.com, mpe@ellerman.id.au, npiggin@gmail.com,
chleroy@kernel.org, pjw@kernel.org, palmer@dabbelt.com,
aou@eecs.berkeley.edu, alex@ghiti.fr, hca@linux.ibm.com,
gor@linux.ibm.com, agordeev@linux.ibm.com,
borntraeger@linux.ibm.com, svens@linux.ibm.com,
ysato@users.sourceforge.jp, dalias@libc.org,
glaubitz@physik.fu-berlin.de, richard@nod.at,
anton.ivanov@cambridgegreys.com, johannes@sipsolutions.net,
luto@kernel.org, mingo@redhat.com, bp@alien8.de,
dave.hansen@linux.intel.com, hpa@zytor.com, chris@zankel.net,
jcmvbkbc@gmail.com, peterz@infradead.org, wad@chromium.org,
thuth@redhat.com, mark.rutland@arm.com, ada.coupriediaz@arm.com,
kevin.brodsky@arm.com, linusw@kernel.org, yeoreum.yun@arm.com,
song@kernel.org, james.morse@arm.com, anshuman.khandual@arm.com,
broonie@kernel.org, liqiang01@kylinos.cn, pengcan@kylinos.cn,
ryan.roberts@arm.com, yangtiezhu@loongson.cn,
sshegde@linux.ibm.com, mchauras@linux.ibm.com,
austin.kim@lge.com, jchrist@linux.ibm.com, arnd@arndb.de,
thomas.weissschuh@linutronix.de, sohil.mehta@intel.com,
andrew.cooper3@citrix.com, jgross@suse.com, kas@kernel.org,
x86@kernel.org, linux-alpha@vger.kernel.org,
linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org, linux-mm@kvack.org,
linux-csky@vger.kernel.org, loongarch@lists.linux.dev,
linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org,
linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org,
linux-sh@vger.kernel.org, linux-um@lists.infradead.org
Subject: Re: [PATCH v16 01/18] seccomp: Convert __secure_computing() to return boolean
Date: Fri, 03 Jul 2026 11:48:49 +0200 [thread overview]
Message-ID: <87cxx4mmim.ffs@fw13> (raw)
In-Reply-To: <akdp6GAu77-ipsXA@kunlun.suse.cz>
On Fri, Jul 03 2026 at 09:51, Michal Suchánek wrote:
> On Mon, Jun 29, 2026 at 09:05:59PM +0800, Jinjie Ruan wrote:
>> - if (secure_computing())
>> + if (!secure_computing())
>> return -1;
>
> Hello,
>
> I am not fond of this logic inversion. The boolean is meaningless in
> itself.
>
> Previously -1 was used to indicate that the syscall was filtered but you
> chose to invert the logic choosing true to mean syscall was not filtered.
>
> You could choose true to mean that syscall was fitered avoiding this
> inversion.
That's just wrong. Boolean logic makes more sense with having
(!condition()). Just because the old 0/-1 nonsense had it the other way
round does not mean it has to stay that way.
> Sashiko points out some places in existing code where it supposedly
> explodes which might or might not be true
The vsyscall one is correct, but that's a bug like any other one and should
be caught in review.
The blurb about bypass is AI halluzination nonsense.
> but any in-flight patches that use secure_computing would also be
> affected.
Maintainers know how to deal with collisions of that kind. Stop making
problems up.
next prev parent reply other threads:[~2026-07-03 9:48 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-29 13:05 [PATCH v16 00/18] arm64: entry: Convert to Generic Entry Jinjie Ruan
2026-06-29 13:05 ` [PATCH v16 01/18] seccomp: Convert __secure_computing() to return boolean Jinjie Ruan
2026-06-29 13:16 ` sashiko-bot
2026-06-30 16:37 ` Ada Couprie Diaz
2026-07-03 7:51 ` Michal Suchánek
2026-07-03 9:48 ` Thomas Gleixner [this message]
2026-07-03 10:00 ` Mark Rutland
2026-07-03 10:27 ` Michal Suchánek
2026-07-03 11:59 ` Kevin Brodsky
2026-06-29 13:06 ` [PATCH v16 02/18] syscall_user_dispatch: Introduce a weak fallback for arch_syscall_is_vdso_sigreturn() Jinjie Ruan
2026-07-03 11:13 ` Mukesh Kumar Chaurasiya
2026-07-03 11:43 ` Mark Rutland
2026-06-29 13:06 ` [PATCH v16 03/18] arm64: ptrace: Pass thread flags to syscall_trace_enter/exit() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 04/18] arm64: ptrace: Use syscall_get_nr() helper for syscall_trace_enter() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 05/18] arm64: ptrace: Expand secure_computing() in place Jinjie Ruan
2026-06-29 13:29 ` sashiko-bot
2026-06-29 13:06 ` [PATCH v16 06/18] arm64: ptrace: Use syscall_get_arguments() helper for audit Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 07/18] arm64: ptrace: Protect rseq_syscall() from tracer PC modifications Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 08/18] arm64: ptrace: Rename syscall_trace_exit() to syscall_exit_work() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 09/18] arm64: syscall: Rework the syscall exit path in el0_svc_common() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 10/18] arm64: ptrace: Extract syscall_exit_to_user_mode_work() helper Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 11/18] arm64: ptrace: Align syscall exit work semantics with generic entry Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 12/18] arm64: syscall: Use exit-specific flags check in el0_svc_common() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 13/18] arm64: syscall: Simplify el0_svc_common() syscall exit path Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 14/18] arm64: syscall: Simplify syscall exit path in el0_svc_common() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 15/18] arm64: ptrace: Skip syscall exit reporting for PTRACE_SYSEMU_SINGLESTEP Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 16/18] arm64: entry: Convert to generic entry Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 17/18] arm64: Inline el0_svc_common() Jinjie Ruan
2026-06-29 13:06 ` [PATCH v16 18/18] arm64: vdso: Expose sigreturn address on vdso to the kernel Jinjie Ruan
2026-06-30 15:32 ` Thomas Weißschuh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87cxx4mmim.ffs@fw13 \
--to=tglx@kernel.org \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ada.coupriediaz@arm.com \
--cc=agordeev@linux.ibm.com \
--cc=alex@ghiti.fr \
--cc=andrew.cooper3@citrix.com \
--cc=anshuman.khandual@arm.com \
--cc=anton.ivanov@cambridgegreys.com \
--cc=aou@eecs.berkeley.edu \
--cc=arnd@arndb.de \
--cc=austin.kim@lge.com \
--cc=borntraeger@linux.ibm.com \
--cc=bp@alien8.de \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=chenhuacai@kernel.org \
--cc=chleroy@kernel.org \
--cc=chris@zankel.net \
--cc=dalias@libc.org \
--cc=dave.hansen@linux.intel.com \
--cc=deller@gmx.de \
--cc=geert@linux-m68k.org \
--cc=glaubitz@physik.fu-berlin.de \
--cc=gor@linux.ibm.com \
--cc=guoren@kernel.org \
--cc=hca@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=james.morse@arm.com \
--cc=jchrist@linux.ibm.com \
--cc=jcmvbkbc@gmail.com \
--cc=jgross@suse.com \
--cc=johannes@sipsolutions.net \
--cc=kas@kernel.org \
--cc=kees@kernel.org \
--cc=kernel@xen0n.name \
--cc=kevin.brodsky@arm.com \
--cc=linmag7@gmail.com \
--cc=linusw@kernel.org \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-csky@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-m68k@lists.linux-m68k.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux-sh@vger.kernel.org \
--cc=linux-um@lists.infradead.org \
--cc=linux@armlinux.org.uk \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=liqiang01@kylinos.cn \
--cc=loongarch@lists.linux.dev \
--cc=luto@kernel.org \
--cc=maddy@linux.ibm.com \
--cc=mark.rutland@arm.com \
--cc=mattst88@gmail.com \
--cc=mchauras@linux.ibm.com \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=msuchanek@suse.de \
--cc=npiggin@gmail.com \
--cc=oleg@redhat.com \
--cc=palmer@dabbelt.com \
--cc=pengcan@kylinos.cn \
--cc=peterz@infradead.org \
--cc=pjw@kernel.org \
--cc=richard.henderson@linaro.org \
--cc=richard@nod.at \
--cc=ruanjinjie@huawei.com \
--cc=ryan.roberts@arm.com \
--cc=sohil.mehta@intel.com \
--cc=song@kernel.org \
--cc=sshegde@linux.ibm.com \
--cc=svens@linux.ibm.com \
--cc=thomas.weissschuh@linutronix.de \
--cc=thuth@redhat.com \
--cc=tsbogend@alpha.franken.de \
--cc=wad@chromium.org \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=yangtiezhu@loongson.cn \
--cc=yeoreum.yun@arm.com \
--cc=ysato@users.sourceforge.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox