On Tue, Jul 07, 2026 at 09:06:40PM +0200, Thomas Gleixner wrote: > From: Jinjie Ruan <[email protected]> > > The return value of __secure_computing() currently uses 0 to indicate > that a system call should be allowed, and -1 to indicate that it should > be blocked/killed. This 0/-1 pattern is non-intuitive for a security > check function and makes the control flow at the call sites less readable.
Conceptually, I'm good with this. Just make sure that the tools/testing/selftests/seccomp/seccomp_bpf tests still passes. :) -- Kees Cook
