On Sat, Dec 28, 2019 at 01:48:51AM +0000, Sargun Dhillon wrote:
> This patch is a small change in enforcement of the uapi for
> SECCOMP_IOCTL_NOTIF_RECV ioctl. Specifically, the datastructure which
> is passed (seccomp_notif) must be zeroed out. Previously any of its
> members could be set to nonsense values, and we would ignore it.
>
> This ensures all fields are set to their zero value.
>
> This relies on the seccomp_notif datastructure to not have
> any unnamed padding, as it is valid to initialize the datastructure
> as:
>
> struct seccomp_notif notif = {};
>
> This only initializes named members to their 0-value [1].
>
> [1]: https://lore.kernel.org/lkml/20191227023131.klnobtlfgeqcmvbb@xxxxxxxxxxxxxxxxxxxx/
>
> Signed-off-by: Sargun Dhillon <sargun@xxxxxxxxx>
Acked-by: Tycho Andersen <tycho@xxxxxxxx>
