On March 10, 2022 5:43:40 PM PST, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote: > >The patch titled > Subject: kernel/seccomp.c: remove unreachable code >has been added to the -mm tree. Its filename is > kernel-seccompc-remove-unreachable-code.patch > >This patch should soon appear at > https://ozlabs.org/~akpm/mmots/broken-out/kernel-seccompc-remove-unreachable-code.patch >and later at > https://ozlabs.org/~akpm/mmotm/broken-out/kernel-seccompc-remove-unreachable-code.patch > >Before you just go and hit "reply", please: > a) Consider who else should be cc'ed > b) Prefer to cc a suitable mailing list as well > c) Ideally: find the original patch on the mailing list and do a > reply-to-all to that, adding suitable additional cc's > >*** Remember to use Documentation/process/submit-checklist.rst when testing your code *** > >The -mm tree is included into linux-next and is updated >there every 3-4 working days > >------------------------------------------------------ >From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> >Subject: kernel/seccomp.c: remove unreachable code > >kernel/seccomp.c:1321 __secure_computing() warn: ignoring unreachable code. > >do_exit() is __noreturn. And if it does return, we fall into the BUG(), >which seems very appropriate. > >Link: https://lkml.kernel.org/r/622aa69f.XI8McBWG4GX/YDab%25lkp@xxxxxxxxx This URL does not work. Correct URL seems to be: https://lore.kernel.org/linux-mm/622aa69f.XI8McBWG4GX%2FYDab%25lkp@xxxxxxxxx/ I assume this is from the c11 change? >Reported-by: kernel test robot <lkp@xxxxxxxxx> >Cc: Kees Cook <keescook@xxxxxxxxxxxx> >Cc: Will Drewry <wad@xxxxxxxxxxxx> >Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx> >Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> >--- > > kernel/seccomp.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > >--- a/kernel/seccomp.c~kernel-seccompc-remove-unreachable-code >+++ a/kernel/seccomp.c >@@ -1317,8 +1317,7 @@ int __secure_computing(const struct secc > /* Surviving SECCOMP_RET_KILL_* must be proactively impossible. */ > case SECCOMP_MODE_DEAD: > WARN_ON_ONCE(1); >- do_exit(SIGKILL); >- return -1; >+ do_exit(SIGKILL); /* This is __noreturn */ This needs to either stay "return -1" or be swapped with an explicit "fallthrough;" statement so this can never fail open no matter what the compiler thinks about optimization, nor any changes to behavior of do_exit(). I'd prefer to fix this via the seccomp tree, regardless. -Kees > default: > BUG(); > } >_ > >Patches currently in -mm which might be from akpm@xxxxxxxxxxxxxxxxxxxx are > >memcg-sync-flush-only-if-periodic-flush-is-delayed-fix.patch >remove-bdi_congested-and-wb_congested-and-related-functions-fix.patch >mm.patch >documentation-vm-page_ownerrst-update-the-documentation-fix.patch >mm-list_lru-replace-linear-array-with-xarray-fix.patch >mm-hwpoison-inject-support-injecting-hwpoison-to-free-page-fix.patch >mm-export-pageheadhuge-fix.patch >userfaultfd-provide-unmasked-address-on-page-fault-v3-fix.patch >mm-mempolicy-convert-from-atomic_t-to-refcount_t-on-mempolicy-refcnt-fix.patch >mm-handle-uninitialized-numa-nodes-gracefully-fix.patch >mm-memory_hotplug-remove-obsolete-comment-of-__add_pages-fix.patch >proc-alloc-path_max-bytes-for-proc-pid-fd-symlinks-fix.patch >taskstats-remove-unneeded-dead-assignment-fix.patch >kernel-seccompc-remove-unreachable-code.patch >linux-next-rejects.patch >linux-next-git-rejects.patch >mm-oom_killc-fix-vm_oom_kill_table-ifdeffery.patch >kasan-improve-vmalloc-tests-fix-3-fix.patch >mm-slightly-clarify-ksm-logic-in-do_swap_page-fix.patch >mm-huge_memory-remove-stale-locking-logic-from-__split_huge_pmd-fix.patch >mutex-subsystem-synchro-test-module-fix.patch >kernel-forkc-export-kernel_thread-to-modules.patch > -- Kees Cook
