Re: WTF: patch "[PATCH] seccomp: make function __get_seccomp_filter static" was seriously submitted to be applied to the 4.13-stable tree?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, Oct 12, 2017 at 4:45 AM, Colin Ian King
<colin.king@xxxxxxxxxxxxx> wrote:
> On 12/10/17 12:39, gregkh@xxxxxxxxxxxxxxxxxxx wrote:
>> The patch below was submitted to be applied to the 4.13-stable tree.
>>
>> I fail to see how this patch meets the stable kernel rules as found at
>> Documentation/process/stable-kernel-rules.rst.
>>
>> I could be totally wrong, and if so, please respond to
>> <stable@xxxxxxxxxxxxxxx> and let me know why this patch should be
>> applied.  Otherwise, it is now dropped from my patch queues, never to be
>> seen again.
>
> I'm fairly sure my original patch didn't cc stable, so not sure why it
> ended up here either.
>
> Colin
>
>>
>> thanks,
>>
>> greg k-h
>>
>> ------------------ original commit in Linus's tree ------------------
>>
>> From 084f5601c357e4ee59cf0712200d3f5c4710ba40 Mon Sep 17 00:00:00 2001
>> From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
>> Date: Fri, 29 Sep 2017 14:26:48 +0100
>> Subject: [PATCH] seccomp: make function __get_seccomp_filter static
>>
>> The function __get_seccomp_filter is local to the source and does
>> not need to be in global scope, so make it static.
>>
>> Cleans up sparse warning:
>> symbol '__get_seccomp_filter' was not declared. Should it be static?
>>
>> Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
>> Fixes: 66a733ea6b61 ("seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()")
>> Cc: stable@xxxxxxxxxxxxxxx
>> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
>>
>> diff --git a/kernel/seccomp.c b/kernel/seccomp.c
>> index bb3a38005b9c..0ae832e13b97 100644
>> --- a/kernel/seccomp.c
>> +++ b/kernel/seccomp.c
>> @@ -473,7 +473,7 @@ static long seccomp_attach_filter(unsigned int flags,
>>       return 0;
>>  }
>>
>> -void __get_seccomp_filter(struct seccomp_filter *filter)
>> +static void __get_seccomp_filter(struct seccomp_filter *filter)
>>  {
>>       /* Reference count is bounded by the number of total processes. */
>>       refcount_inc(&filter->usage);
>>

I added this to -stable because the prior patch (66a733ea6b61) that
went to stable introduced a regression for Sparse. Is this not okay?

-Kees

-- 
Kees Cook
Pixel Security
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]