* + kernel-seccompc-remove-unreachable-code.patch added to -mm tree
@ 2022-03-11 1:43 Andrew Morton
2022-03-11 6:05 ` Kees Cook
0 siblings, 1 reply; 2+ messages in thread
From: Andrew Morton @ 2022-03-11 1:43 UTC (permalink / raw)
To: mm-commits, wad, luto, lkp, keescook, akpm, akpm
The patch titled
Subject: kernel/seccomp.c: remove unreachable code
has been added to the -mm tree. Its filename is
kernel-seccompc-remove-unreachable-code.patch
This patch should soon appear at
https://ozlabs.org/~akpm/mmots/broken-out/kernel-seccompc-remove-unreachable-code.patch
and later at
https://ozlabs.org/~akpm/mmotm/broken-out/kernel-seccompc-remove-unreachable-code.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Andrew Morton <akpm@linux-foundation.org>
Subject: kernel/seccomp.c: remove unreachable code
kernel/seccomp.c:1321 __secure_computing() warn: ignoring unreachable code.
do_exit() is __noreturn. And if it does return, we fall into the BUG(),
which seems very appropriate.
Link: https://lkml.kernel.org/r/622aa69f.XI8McBWG4GX/YDab%25lkp@intel.com
Reported-by: kernel test robot <lkp@intel.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Will Drewry <wad@chromium.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
kernel/seccomp.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--- a/kernel/seccomp.c~kernel-seccompc-remove-unreachable-code
+++ a/kernel/seccomp.c
@@ -1317,8 +1317,7 @@ int __secure_computing(const struct secc
/* Surviving SECCOMP_RET_KILL_* must be proactively impossible. */
case SECCOMP_MODE_DEAD:
WARN_ON_ONCE(1);
- do_exit(SIGKILL);
- return -1;
+ do_exit(SIGKILL); /* This is __noreturn */
default:
BUG();
}
_
Patches currently in -mm which might be from akpm@linux-foundation.org are
memcg-sync-flush-only-if-periodic-flush-is-delayed-fix.patch
remove-bdi_congested-and-wb_congested-and-related-functions-fix.patch
mm.patch
documentation-vm-page_ownerrst-update-the-documentation-fix.patch
mm-list_lru-replace-linear-array-with-xarray-fix.patch
mm-hwpoison-inject-support-injecting-hwpoison-to-free-page-fix.patch
mm-export-pageheadhuge-fix.patch
userfaultfd-provide-unmasked-address-on-page-fault-v3-fix.patch
mm-mempolicy-convert-from-atomic_t-to-refcount_t-on-mempolicy-refcnt-fix.patch
mm-handle-uninitialized-numa-nodes-gracefully-fix.patch
mm-memory_hotplug-remove-obsolete-comment-of-__add_pages-fix.patch
proc-alloc-path_max-bytes-for-proc-pid-fd-symlinks-fix.patch
taskstats-remove-unneeded-dead-assignment-fix.patch
kernel-seccompc-remove-unreachable-code.patch
linux-next-rejects.patch
linux-next-git-rejects.patch
mm-oom_killc-fix-vm_oom_kill_table-ifdeffery.patch
kasan-improve-vmalloc-tests-fix-3-fix.patch
mm-slightly-clarify-ksm-logic-in-do_swap_page-fix.patch
mm-huge_memory-remove-stale-locking-logic-from-__split_huge_pmd-fix.patch
mutex-subsystem-synchro-test-module-fix.patch
kernel-forkc-export-kernel_thread-to-modules.patch
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: + kernel-seccompc-remove-unreachable-code.patch added to -mm tree
2022-03-11 1:43 + kernel-seccompc-remove-unreachable-code.patch added to -mm tree Andrew Morton
@ 2022-03-11 6:05 ` Kees Cook
0 siblings, 0 replies; 2+ messages in thread
From: Kees Cook @ 2022-03-11 6:05 UTC (permalink / raw)
To: Andrew Morton, mm-commits, wad, luto, lkp, akpm
On March 10, 2022 5:43:40 PM PST, Andrew Morton <akpm@linux-foundation.org> wrote:
>
>The patch titled
> Subject: kernel/seccomp.c: remove unreachable code
>has been added to the -mm tree. Its filename is
> kernel-seccompc-remove-unreachable-code.patch
>
>This patch should soon appear at
> https://ozlabs.org/~akpm/mmots/broken-out/kernel-seccompc-remove-unreachable-code.patch
>and later at
> https://ozlabs.org/~akpm/mmotm/broken-out/kernel-seccompc-remove-unreachable-code.patch
>
>Before you just go and hit "reply", please:
> a) Consider who else should be cc'ed
> b) Prefer to cc a suitable mailing list as well
> c) Ideally: find the original patch on the mailing list and do a
> reply-to-all to that, adding suitable additional cc's
>
>*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
>
>The -mm tree is included into linux-next and is updated
>there every 3-4 working days
>
>------------------------------------------------------
>From: Andrew Morton <akpm@linux-foundation.org>
>Subject: kernel/seccomp.c: remove unreachable code
>
>kernel/seccomp.c:1321 __secure_computing() warn: ignoring unreachable code.
>
>do_exit() is __noreturn. And if it does return, we fall into the BUG(),
>which seems very appropriate.
>
>Link: https://lkml.kernel.org/r/622aa69f.XI8McBWG4GX/YDab%25lkp@intel.com
This URL does not work. Correct URL seems to be: https://lore.kernel.org/linux-mm/622aa69f.XI8McBWG4GX%2FYDab%25lkp@intel.com/
I assume this is from the c11 change?
>Reported-by: kernel test robot <lkp@intel.com>
>Cc: Kees Cook <keescook@chromium.org>
>Cc: Will Drewry <wad@chromium.org>
>Cc: Andy Lutomirski <luto@amacapital.net>
>Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
>---
>
> kernel/seccomp.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
>--- a/kernel/seccomp.c~kernel-seccompc-remove-unreachable-code
>+++ a/kernel/seccomp.c
>@@ -1317,8 +1317,7 @@ int __secure_computing(const struct secc
> /* Surviving SECCOMP_RET_KILL_* must be proactively impossible. */
> case SECCOMP_MODE_DEAD:
> WARN_ON_ONCE(1);
>- do_exit(SIGKILL);
>- return -1;
>+ do_exit(SIGKILL); /* This is __noreturn */
This needs to either stay "return -1" or be swapped with an explicit "fallthrough;" statement so this can never fail open no matter what the compiler thinks about optimization, nor any changes to behavior of do_exit().
I'd prefer to fix this via the seccomp tree, regardless.
-Kees
> default:
> BUG();
> }
>_
>
>Patches currently in -mm which might be from akpm@linux-foundation.org are
>
>memcg-sync-flush-only-if-periodic-flush-is-delayed-fix.patch
>remove-bdi_congested-and-wb_congested-and-related-functions-fix.patch
>mm.patch
>documentation-vm-page_ownerrst-update-the-documentation-fix.patch
>mm-list_lru-replace-linear-array-with-xarray-fix.patch
>mm-hwpoison-inject-support-injecting-hwpoison-to-free-page-fix.patch
>mm-export-pageheadhuge-fix.patch
>userfaultfd-provide-unmasked-address-on-page-fault-v3-fix.patch
>mm-mempolicy-convert-from-atomic_t-to-refcount_t-on-mempolicy-refcnt-fix.patch
>mm-handle-uninitialized-numa-nodes-gracefully-fix.patch
>mm-memory_hotplug-remove-obsolete-comment-of-__add_pages-fix.patch
>proc-alloc-path_max-bytes-for-proc-pid-fd-symlinks-fix.patch
>taskstats-remove-unneeded-dead-assignment-fix.patch
>kernel-seccompc-remove-unreachable-code.patch
>linux-next-rejects.patch
>linux-next-git-rejects.patch
>mm-oom_killc-fix-vm_oom_kill_table-ifdeffery.patch
>kasan-improve-vmalloc-tests-fix-3-fix.patch
>mm-slightly-clarify-ksm-logic-in-do_swap_page-fix.patch
>mm-huge_memory-remove-stale-locking-logic-from-__split_huge_pmd-fix.patch
>mutex-subsystem-synchro-test-module-fix.patch
>kernel-forkc-export-kernel_thread-to-modules.patch
>
--
Kees Cook
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-03-11 6:06 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-11 1:43 + kernel-seccompc-remove-unreachable-code.patch added to -mm tree Andrew Morton
2022-03-11 6:05 ` Kees Cook
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).