From: Ingo Molnar <mingo@kernel.org>
To: Kees Cook <keescook@chromium.org>
Cc: linux-mips@linux-mips.org, linux-sh@vger.kernel.org,
Peter Zijlstra <peterz@infradead.org>,
Heiko Carstens <heiko.carstens@de.ibm.com>,
Paul Mackerras <paulus@samba.org>,
sparclinux@vger.kernel.org,
Stephen Rothwell <sfr@canb.auug.org.au>,
Jesper Nilsson <jesper.nilsson@axis.com>,
Russell King <linux@arm.linux.org.uk>,
Helge Deller <deller@gmx.de>,
x86@kernel.org, "James E.J. Bottomley" <jejb@parisc-linux.org>,
AKASHI Takahiro <takahiro.akashi@linaro.org>,
Frederic Weisbecker <fweisbec@gmail.com>,
James Hogan <james.hogan@imgtec.com>,
Laura Abbott <lauraa@codeaurora.org>,
linux-s390@vger.kernel.org, Will Deacon <will.deacon@arm.com>,
linux-arm-kernel@lists.infradead.org,
Michal Simek <monstr@monstr.eu>,
linux-parisc@vger.kernel.org, linux-kernel@vger.kernel.org,
Ralf Baechle <ralf@linux-mips.org>,
Daniel Borkmann <dborkman@redhat.com>,
Martin Schwidefsky <schwidefsky@de.ibm.com>,
linux390@de.ibm.com, Andrew Morton <akpm@linux-foundation.org>,
linuxppc-dev@lists.ozlabs.org,
"David S. Miller" <davem@davemloft.net>
Subject: Re: [PATCH v2] seccomp: switch to using asm-generic for seccomp.h
Date: Tue, 3 Mar 2015 09:30:02 +0100 [thread overview]
Message-ID: <20150303083002.GA1207@gmail.com> (raw)
In-Reply-To: <20150302231254.GA4857@www.outflux.net>
* Kees Cook <keescook@chromium.org> wrote:
> Most architectures don't need to do anything special for the strict
> seccomp syscall entries. Remove the redundant headers and reduce the
> others.
> 19 files changed, 27 insertions(+), 137 deletions(-)
Lovely cleanup factor.
Just to make sure, are you sure the 32-bit details are identical
across architectures?
For example some architectures did this:
> --- a/arch/microblaze/include/asm/seccomp.h
> +++ /dev/null
> @@ -1,16 +0,0 @@
> -#ifndef _ASM_MICROBLAZE_SECCOMP_H
> -#define _ASM_MICROBLAZE_SECCOMP_H
> -
> -#include <linux/unistd.h>
> -
> -#define __NR_seccomp_read __NR_read
> -#define __NR_seccomp_write __NR_write
> -#define __NR_seccomp_exit __NR_exit
> -#define __NR_seccomp_sigreturn __NR_sigreturn
> -
> -#define __NR_seccomp_read_32 __NR_read
> -#define __NR_seccomp_write_32 __NR_write
> -#define __NR_seccomp_exit_32 __NR_exit
> -#define __NR_seccomp_sigreturn_32 __NR_sigreturn
others did this:
> diff --git a/arch/x86/include/asm/seccomp_64.h b/arch/x86/include/asm/seccomp_64.h
> deleted file mode 100644
> index 84ec1bd161a5..000000000000
> --- a/arch/x86/include/asm/seccomp_64.h
> +++ /dev/null
> @@ -1,17 +0,0 @@
> -#ifndef _ASM_X86_SECCOMP_64_H
> -#define _ASM_X86_SECCOMP_64_H
> -
> -#include <linux/unistd.h>
> -#include <asm/ia32_unistd.h>
> -
> -#define __NR_seccomp_read __NR_read
> -#define __NR_seccomp_write __NR_write
> -#define __NR_seccomp_exit __NR_exit
> -#define __NR_seccomp_sigreturn __NR_rt_sigreturn
> -
> -#define __NR_seccomp_read_32 __NR_ia32_read
> -#define __NR_seccomp_write_32 __NR_ia32_write
> -#define __NR_seccomp_exit_32 __NR_ia32_exit
> -#define __NR_seccomp_sigreturn_32 __NR_ia32_sigreturn
> -
> -#endif /* _ASM_X86_SECCOMP_64_H */
While in yet another case you kept the syscall mappings:
> --- a/arch/x86/include/asm/seccomp.h
> +++ b/arch/x86/include/asm/seccomp.h
> @@ -1,5 +1,20 @@
> +#ifndef _ASM_X86_SECCOMP_H
> +#define _ASM_X86_SECCOMP_H
> +
> +#include <asm/unistd.h>
> +
> +#ifdef CONFIG_COMPAT
> +#include <asm/ia32_unistd.h>
> +#define __NR_seccomp_read_32 __NR_ia32_read
> +#define __NR_seccomp_write_32 __NR_ia32_write
> +#define __NR_seccomp_exit_32 __NR_ia32_exit
> +#define __NR_seccomp_sigreturn_32 __NR_ia32_sigreturn
> +#endif
> +
> #ifdef CONFIG_X86_32
> -# include <asm/seccomp_32.h>
> -#else
> -# include <asm/seccomp_64.h>
> +#define __NR_seccomp_sigreturn __NR_sigreturn
> #endif
> +
> +#include <asm-generic/seccomp.h>
> +
> +#endif /* _ASM_X86_SECCOMP_H */
It might all be correct, but it's not obvious to me.
Thanks,
Ingo
next prev parent reply other threads:[~2015-03-03 8:30 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-02 23:12 [PATCH v2] seccomp: switch to using asm-generic for seccomp.h Kees Cook
2015-03-03 8:30 ` Ingo Molnar [this message]
2015-03-03 17:56 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150303083002.GA1207@gmail.com \
--to=mingo@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=davem@davemloft.net \
--cc=dborkman@redhat.com \
--cc=deller@gmx.de \
--cc=fweisbec@gmail.com \
--cc=heiko.carstens@de.ibm.com \
--cc=james.hogan@imgtec.com \
--cc=jejb@parisc-linux.org \
--cc=jesper.nilsson@axis.com \
--cc=keescook@chromium.org \
--cc=lauraa@codeaurora.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@linux-mips.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux-sh@vger.kernel.org \
--cc=linux390@de.ibm.com \
--cc=linux@arm.linux.org.uk \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=monstr@monstr.eu \
--cc=paulus@samba.org \
--cc=peterz@infradead.org \
--cc=ralf@linux-mips.org \
--cc=schwidefsky@de.ibm.com \
--cc=sfr@canb.auug.org.au \
--cc=sparclinux@vger.kernel.org \
--cc=takahiro.akashi@linaro.org \
--cc=will.deacon@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).