[GIT PULL] seccomp update for v5.18-rc1

[GIT PULL] seccomp update for v5.18-rc1

[Kees Cook]

Hi Linus,

Please pull this tiny seccomp update for v5.18-rc1.

Thanks!

-Kees

The following changes since commit eed09ad261822a7bdc441ed192c6f444375e5527:

  samples/seccomp: Adjust sample to also provide kill option (2022-02-10 19:09:12 -0800)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/seccomp-v5.18-rc1

for you to fetch changes up to b5caa8dd9cc8ad5126f06e9266c326d38a1fc6d2:

  samples/seccomp: Improve arch hints (2022-02-13 10:16:25 -0800)

----------------------------------------------------------------
seccomp update for v5.18-rc1

- Improve architecture hints in sample (Kees Cook)

----------------------------------------------------------------
Kees Cook (1):
      samples/seccomp: Improve arch hints

 samples/seccomp/dropper.c | 84 ++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 73 insertions(+), 11 deletions(-)

-- 
Kees Cook

Re: [GIT PULL] seccomp update for v5.18-rc1

[Linus Torvalds]

On Mon, Mar 21, 2022 at 8:07 AM Kees Cook <keescook@chromium.org> wrote:
>
> Please pull this tiny seccomp update for v5.18-rc1.

Well, that *really* didn't work at all.

  In file included from samples/seccomp/dropper.c:29:
  usr/include/linux/ptrace.h:50: warning: "PTRACE_GETREGSET" redefined
     50 | #define PTRACE_GETREGSET        0x4204
        |
   In file included from samples/seccomp/dropper.c:24:
  /usr/include/sys/ptrace.h:153: note: this is the location of the
previous definition
    153 | #define PTRACE_GETREGSET PTRACE_GETREGSET
        |
  [...]

.. and a lot of similar warnings.

Yeah, that sample code is horrible, and mixes kernel headers with
regular user-space headers.

It did that before too, it just does it much more now, and simply
doesn't work. I'm sure this probably only happens on some distros, but
that's what you get when you play those kinds of broken games.

Pulled and immediately unpulled. That sample probably needs to just be removed.

                     Linus

Re: [GIT PULL] seccomp update for v5.18-rc1

[Kees Cook]

On March 21, 2022 7:45:51 PM PDT, Linus Torvalds <torvalds@linux-foundation.org> wrote:
>On Mon, Mar 21, 2022 at 8:07 AM Kees Cook <keescook@chromium.org> wrote:
>>
>> Please pull this tiny seccomp update for v5.18-rc1.
>
>Well, that *really* didn't work at all.
>
>  In file included from samples/seccomp/dropper.c:29:
>  usr/include/linux/ptrace.h:50: warning: "PTRACE_GETREGSET" redefined
>     50 | #define PTRACE_GETREGSET        0x4204
>        |
>   In file included from samples/seccomp/dropper.c:24:
>  /usr/include/sys/ptrace.h:153: note: this is the location of the
>previous definition
>    153 | #define PTRACE_GETREGSET PTRACE_GETREGSET
>        |
>  [...]
>
>.. and a lot of similar warnings.

Oh, eww. Apologies! That didn't happen for my builders, but yeah, that code is super fragile anyway, so this just confirms my suspicion that the changes weren't useful. I'll drop it from my tree.

-- 
Kees Cook