seccomp: ignore secure_computing return values
This change is inspired by https://lkml.org/lkml/2012/4/16/14 which fixes the build warnings for arches that don't support CONFIG_HAVE_ARCH_SECCOMP_FILTER. In particular, there is no requirement for the return value of secure_computing() to be checked unless the architecture supports seccomp filter. Instead of silencing the warnings with (void) a new static inline is added to encode the expected behavior in a compiler and human friendly way. v2: - cleans things up with a static inline - removes sfr's signed-off-by since it is a different approach v1: - matches sfr's original change Reported-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com>
This commit is contained in:
Will Drewry
James Morris
parent
b1fa650c7e
commit
e4da89d02f
8 changed files with 14 additions and 7 deletions
|
|
@ -75,6 +75,12 @@ static inline int secure_computing(int this_syscall)
|
|||
return 0;
|
||||
}
|
||||
|
||||
/* A wrapper for architectures supporting only SECCOMP_MODE_STRICT. */
|
||||
static inline void secure_computing_strict(int this_syscall)
|
||||
{
|
||||
BUG_ON(secure_computing(this_syscall) != 0);
|
||||
}
|
||||
|
||||
extern long prctl_get_seccomp(void);
|
||||
extern long prctl_set_seccomp(unsigned long, char __user *);
|
||||
|
||||
|
|
@ -91,6 +97,7 @@ struct seccomp { };
|
|||
struct seccomp_filter { };
|
||||
|
||||
static inline int secure_computing(int this_syscall) { return 0; }
|
||||
static inline void secure_computing_strict(int this_syscall) { return; }
|
||||
|
||||
static inline long prctl_get_seccomp(void)
|
||||
{
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue