On Tue, Jan 28, 2025 at 4:03 PM Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
> Depending on CONFIG_HAVE_ARCH_SECCOMP_FILTER, __secure_computing(NULL)
> will crash or not. This is not consistent/safe, especially considering
> that after the previous change __secure_computing(sd) is always called
> with sd == NULL.
>
> Fortunately, if CONFIG_HAVE_ARCH_SECCOMP_FILTER=n, __secure_computing()
> has no callers, these architectures use secure_computing_strict(). Yet
> it make sense make __secure_computing(NULL) safe in this case.
>
> Note also that with this change we can unexport secure_computing_strict()
> and change the current callers to use __secure_computing(NULL).
>
> Fixes: 8cf8dfceebda ("seccomp: Stub for !HAVE_ARCH_SECCOMP_FILTER")
> Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
I had no idea it was this complex, thanks a lot for looking into this Oleg!
Reviewed-by: Linus Walleij <linus.walleij@xxxxxxxxxx>
Yours,
Linus Walleij
