Cross Reference: /linux-master/samples/seccomp/user-trap.c

History log of /linux-master/samples/seccomp/user-trap.c
Revision	Date	Author	Comments
# 56af94aa	11-Feb-2024	Arnd Bergmann <arnd@arndb.de>	samples: user-trap: fix strict-aliasing warning I started getting warnings for this one file, though I can't see what changed since it was originally introduced in commit fec7b6690541 ("samples: add an example of seccomp user trap"). samples/seccomp/user-trap.c: In function 'send_fd': samples/seccomp/user-trap.c:50:11: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] 50 \| ((int )CMSG_DATA(cmsg)) = fd; \| ~^~~~~~~~~~~~~~~~~~~~~~~ samples/seccomp/user-trap.c: In function 'recv_fd': samples/seccomp/user-trap.c:83:18: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] 83 \| return ((int )CMSG_DATA(cmsg)); \| ~^~~~~~~~~~~~~~~~~~~~~~~ Using a temporary pointer variable avoids the warning. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Link: https://lore.kernel.org/r/20240212111737.917428-1-arnd@kernel.org Acked-by: Tycho Andersen <tandersen@netflix.com> Signed-off-by: Kees Cook <keescook@chromium.org>
# 771b894f	30-Dec-2019	Sargun Dhillon <sargun@sargun.me>	samples/seccomp: Zero out members based on seccomp_notif_sizes The sizes by which seccomp_notif and seccomp_notif_resp are allocated are based on the SECCOMP_GET_NOTIF_SIZES ioctl. This allows for graceful extension of these datastructures. If userspace zeroes out the datastructure based on its version, and it is lagging behind the kernel's version, it will end up sending trailing garbage. On the other hand, if it is ahead of the kernel version, it will write extra zero space, and potentially cause corruption. Signed-off-by: Sargun Dhillon <sargun@sargun.me> Suggested-by: Tycho Andersen <tycho@tycho.ws> Link: https://lore.kernel.org/r/20191230203503.4925-1-sargun@sargun.me Fixes: fec7b6690541 ("samples: add an example of seccomp user trap") Cc: stable@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org>
# fec7b669	09-Dec-2018	Tycho Andersen <tycho@tycho.pizza>	samples: add an example of seccomp user trap The idea here is just to give a demonstration of how one could safely use the SECCOMP_RET_USER_NOTIF feature to do mount policies. This particular policy is (as noted in the comment) not very interesting, but it serves to illustrate how one might apply a policy dodging the various TOCTOU issues. Signed-off-by: Tycho Andersen <tycho@tycho.ws> CC: Kees Cook <keescook@chromium.org> CC: Andy Lutomirski <luto@amacapital.net> CC: Oleg Nesterov <oleg@redhat.com> CC: Eric W. Biederman <ebiederm@xmission.com> CC: "Serge E. Hallyn" <serge@hallyn.com> CC: Christian Brauner <christian@brauner.io> CC: Tyler Hicks <tyhicks@canonical.com> CC: Akihiro Suda <suda.akihiro@lab.ntt.co.jp> Signed-off-by: Kees Cook <keescook@chromium.org>