Re: [PATCH 1/5] seccomp: Add find_notification helper

[PATCH 0/5] Add seccomp notifier ioctl that enables adding fds · Sargun Dhillon <hidden> · 2020-05-24
[PATCH 1/5] seccomp: Add find_notification helper · Sargun Dhillon <hidden> · 2020-05-24
Re: [PATCH 1/5] seccomp: Add find_notification helper · Tycho Andersen <hidden> · 2020-05-24
Re: [PATCH 1/5] seccomp: Add find_notification helper · Christian Brauner <hidden> · 2020-05-25
[PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Sargun Dhillon <hidden> · 2020-05-24
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Tycho Andersen <hidden> · 2020-05-24
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Tycho Andersen <hidden> · 2020-05-24
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Al Viro <viro@zeniv.linux.org.uk> · 2020-05-25
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Sargun Dhillon <hidden> · 2020-05-25
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Al Viro <viro@zeniv.linux.org.uk> · 2020-05-25
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Christian Brauner <hidden> · 2020-05-25
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Sargun Dhillon <hidden> · 2020-05-26
Re: [PATCH 2/5] seccomp: Introduce addfd ioctl to seccomp user notifier · Christian Brauner <hidden> · 2020-05-26
[PATCH 3/5] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD · Sargun Dhillon <hidden> · 2020-05-24
[PATCH 4/5] seccomp: Add SECCOMP_ADDFD_FLAG_MOVE flag to add fd ioctl · Sargun Dhillon <hidden> · 2020-05-24
Re: [PATCH 4/5] seccomp: Add SECCOMP_ADDFD_FLAG_MOVE flag to add fd ioctl · Christian Brauner <hidden> · 2020-05-25
Re: [PATCH 4/5] seccomp: Add SECCOMP_ADDFD_FLAG_MOVE flag to add fd ioctl · Sargun Dhillon <hidden> · 2020-05-26
[PATCH 5/5] selftests/seccomp: Add test for addfd move semantics · Sargun Dhillon <hidden> · 2020-05-24

From: Tycho Andersen <hidden>
Date: 2020-05-24 23:55:27
Also in: lkml

On Sun, May 24, 2020 at 04:39:38PM -0700, Sargun Dhillon wrote:

quoted hunk ↗ jump to hunk

This adds a helper which can iterate through a seccomp_filter to
find a notification matching an ID. It removes several replicated
chunks of code.

Signed-off-by: Sargun Dhillon <redacted>
Cc: Matt Denton <redacted>
Cc: Kees Cook <redacted>,
Cc: Jann Horn <jannh@google.com>,
Cc: Robert Sesek <redacted>,
Cc: Chris Palmer <redacted>
Cc: Christian Brauner <redacted>
Cc: Tycho Andersen <redacted>
---
 kernel/seccomp.c | 38 +++++++++++++++++++++-----------------
 1 file changed, 21 insertions(+), 17 deletions(-)

diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index 55a6184f5990..f6ce94b7a167 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c

@@ -1021,10 +1021,25 @@ static int seccomp_notify_release(struct inode *inode, struct file *file)
 	return 0;
 }
 
+/* must be called with notif_lock held */
+static inline struct seccomp_knotif *
+find_notification(struct seccomp_filter *filter, u64 id)
+{
+	struct seccomp_knotif *cur;
+
+	list_for_each_entry(cur, &filter->notif->notifications, list) {
+		if (cur->id == id)
+			return cur;
+	}
+
+	return NULL;
+}

I think there's also an instance of this in _send() that we can change
to use find_notification() as well.

Tycho

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help