[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACdnJuudpnaQ5YUhoxmxNWVdRB6v0u0Bf2O6NmYOXjp8_govyg@mail.gmail.com>
Date: Tue, 16 Jul 2019 13:32:33 -0700
From: Matthew Garrett <mjg59@...gle.com>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: James Morris <jmorris@...ei.org>,
LSM List <linux-security-module@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux API <linux-api@...r.kernel.org>,
David Howells <dhowells@...hat.com>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Network Development <netdev@...r.kernel.org>,
Chun-Yi Lee <jlee@...e.com>
Subject: Re: [PATCH V35 23/29] bpf: Restrict bpf when kernel lockdown is in
confidentiality mode
On Mon, Jul 15, 2019 at 3:54 PM Daniel Borkmann <daniel@...earbox.net> wrote:
> Hmm, does security_locked_down() ever return a code > 0 or why do you
> have the double check on return code? If not, then for clarity the
> ret code from security_locked_down() should be checked as 'ret < 0'
> as well and out label should be at the memset directly instead.
It doesn't, so I'll update. Thanks!
Powered by blists - more mailing lists