• Tycho Andersen's avatar
    seccomp: hoist struct seccomp_data recalculation higher · db511391
    Tycho Andersen authored
    In the next patch, we're going to use the sd pointer passed to
    __seccomp_filter() as the data to pass to userspace. Except that in some
    cases (__seccomp_filter(SECCOMP_RET_TRACE), emulate_vsyscall(), every time
    seccomp is inovked on power, etc.) the sd pointer will be NULL in order to
    force seccomp to recompute the register data. Previously this recomputation
    happened one level lower, in seccomp_run_filters(); this patch just moves
    it up a level higher to __seccomp_filter().
    
    Thanks Oleg for spotting this.
    Signed-off-by: default avatarTycho Andersen <tycho@tycho.ws>
    CC: Kees Cook <keescook@chromium.org>
    CC: Andy Lutomirski <luto@amacapital.net>
    CC: Oleg Nesterov <oleg@redhat.com>
    CC: Eric W. Biederman <ebiederm@xmission.com>
    CC: "Serge E. Hallyn" <serge@hallyn.com>
    Acked-by: default avatarSerge Hallyn <serge@hallyn.com>
    CC: Christian Brauner <christian@brauner.io>
    CC: Tyler Hicks <tyhicks@canonical.com>
    CC: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
    Signed-off-by: default avatarKees Cook <keescook@chromium.org>
    db511391
seccomp.c 34.3 KB