Re: WTF: patch "[PATCH] seccomp: make function __get_seccomp_filter static" was seriously submitted to be applied to the 4.13-stable tree?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/10/17 15:18, Kees Cook wrote:
> On Thu, Oct 12, 2017 at 4:45 AM, Colin Ian King
> <colin.king@xxxxxxxxxxxxx> wrote:
>> On 12/10/17 12:39, gregkh@xxxxxxxxxxxxxxxxxxx wrote:
>>> The patch below was submitted to be applied to the 4.13-stable tree.
>>>
>>> I fail to see how this patch meets the stable kernel rules as found at
>>> Documentation/process/stable-kernel-rules.rst.
>>>
>>> I could be totally wrong, and if so, please respond to
>>> <stable@xxxxxxxxxxxxxxx> and let me know why this patch should be
>>> applied.  Otherwise, it is now dropped from my patch queues, never to be
>>> seen again.
>>
>> I'm fairly sure my original patch didn't cc stable, so not sure why it
>> ended up here either.
>>
>> Colin
>>
>>>
>>> thanks,
>>>
>>> greg k-h
>>>
>>> ------------------ original commit in Linus's tree ------------------
>>>
>>> From 084f5601c357e4ee59cf0712200d3f5c4710ba40 Mon Sep 17 00:00:00 2001
>>> From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
>>> Date: Fri, 29 Sep 2017 14:26:48 +0100
>>> Subject: [PATCH] seccomp: make function __get_seccomp_filter static
>>>
>>> The function __get_seccomp_filter is local to the source and does
>>> not need to be in global scope, so make it static.
>>>
>>> Cleans up sparse warning:
>>> symbol '__get_seccomp_filter' was not declared. Should it be static?
>>>
>>> Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
>>> Fixes: 66a733ea6b61 ("seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()")
>>> Cc: stable@xxxxxxxxxxxxxxx
>>> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
>>>
>>> diff --git a/kernel/seccomp.c b/kernel/seccomp.c
>>> index bb3a38005b9c..0ae832e13b97 100644
>>> --- a/kernel/seccomp.c
>>> +++ b/kernel/seccomp.c
>>> @@ -473,7 +473,7 @@ static long seccomp_attach_filter(unsigned int flags,
>>>       return 0;
>>>  }
>>>
>>> -void __get_seccomp_filter(struct seccomp_filter *filter)
>>> +static void __get_seccomp_filter(struct seccomp_filter *filter)
>>>  {
>>>       /* Reference count is bounded by the number of total processes. */
>>>       refcount_inc(&filter->usage);
>>>
> 
> I added this to -stable because the prior patch (66a733ea6b61) that
> went to stable introduced a regression for Sparse. Is this not okay?
> 
> -Kees
> 
I don't think it's a regression per-se, it's just a warning found by
static analysis tools and it won't show up in normal gcc builds.

Colin




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]