[PATCH 1/3] seccomp: change return type of seccomp_get_metadata to int

Fri, 28 Sep 2018 08:47:39 -0700 

As Jann pointed out in another thread, ptrace_requiest() returns an int, so
it makes sense for seccomp_get_metdata() to return an int as well. The
return type of seccomp_get_metadata() is bounded by sizeof(kmd), so this
conversion is safe.

Signed-off-by: Tycho Andersen <ty...@tycho.ws>
Reported-by: Jann Horn <ja...@google.com>
CC: Kees Cook <keesc...@chromium.org>
CC: Andy Lutomirski <l...@amacapital.net>
---
 include/linux/seccomp.h | 10 +++++-----
 kernel/seccomp.c        |  6 +++---
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h
index e5320f6c8654..af972549a7b4 100644
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -96,17 +96,17 @@ static inline void get_seccomp_filter(struct task_struct 
*tsk)
 #if defined(CONFIG_SECCOMP_FILTER) && defined(CONFIG_CHECKPOINT_RESTORE)
 extern long seccomp_get_filter(struct task_struct *task,
                               unsigned long filter_off, void __user *data);
-extern long seccomp_get_metadata(struct task_struct *task,
-                                unsigned long filter_off, void __user *data);
+extern int seccomp_get_metadata(struct task_struct *task,
+                               unsigned long filter_off, void __user *data);
 #else
 static inline long seccomp_get_filter(struct task_struct *task,
                                      unsigned long n, void __user *data)
 {
        return -EINVAL;
 }
-static inline long seccomp_get_metadata(struct task_struct *task,
-                                       unsigned long filter_off,
-                                       void __user *data)
+static inline int seccomp_get_metadata(struct task_struct *task,
+                                      unsigned long filter_off,
+                                      void __user *data)
 {
        return -EINVAL;
 }
diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index fd023ac24e10..9f3721849747 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -1068,10 +1068,10 @@ long seccomp_get_filter(struct task_struct *task, 
unsigned long filter_off,
        return ret;
 }
 
-long seccomp_get_metadata(struct task_struct *task,
-                         unsigned long size, void __user *data)
+int seccomp_get_metadata(struct task_struct *task,
+                        unsigned long size, void __user *data)
 {
-       long ret;
+       int ret;
        struct seccomp_filter *filter;
        struct seccomp_metadata kmd = {};
 
-- 
2.17.1

Reply via email to