lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 5 Jun 2015 16:06:19 -0600
From:	Tycho Andersen <tycho.andersen@...onical.com>
To:	Oleg Nesterov <oleg@...hat.com>
Cc:	linux-kernel@...r.kernel.org, linux-api@...r.kernel.org,
	Kees Cook <keescook@...omium.org>,
	Andy Lutomirski <luto@...capital.net>,
	Will Drewry <wad@...omium.org>,
	Roland McGrath <roland@...k.frob.com>,
	Pavel Emelyanov <xemul@...allels.com>,
	"Serge E. Hallyn" <serge.hallyn@...ntu.com>
Subject: Re: [PATCH v3] seccomp: add ptrace options for suspend/resume

On Fri, Jun 05, 2015 at 11:52:08PM +0200, Oleg Nesterov wrote:
> Tycho,
> 
> I hate myself, but I have another nit ;) again, it is not that I think
> you should updtate the patch, just fyi...

No worries :)

> On 06/05, Tycho Andersen wrote:
> >
> > --- a/include/linux/seccomp.h
> > +++ b/include/linux/seccomp.h
> > @@ -95,4 +95,14 @@ static inline void get_seccomp_filter(struct task_struct *tsk)
> >  	return;
> >  }
> >  #endif /* CONFIG_SECCOMP_FILTER */
> > +
> > +#ifdef CONFIG_CHECKPOINT_RESTORE
> > +extern bool may_suspend_seccomp(void);
> > +#else
> > +static inline bool may_suspend_seccomp(void)
> > +{
> > +	return false;
> > +}
> > +#endif
> 
> This looks wrong. There is no "extern may_suspend_seccomp()" if
> CONFIG_SECCOMP=n, kernel/seccomp.c is not compiled. So you need another
> ifdef(CONFIG_SECCOMP).
> 
> At the same time this does not matter and you do not need the dummy
> "inline" version at all:
> 
> > @@ -556,6 +557,15 @@ static int ptrace_setoptions(struct task_struct *child, unsigned long data)
> >  	if (data & ~(unsigned long)PTRACE_O_MASK)
> >  		return -EINVAL;
> >  
> > +	if (unlikely(data & PTRACE_O_SUSPEND_SECCOMP)) {
> > +		if (!config_enabled(CONFIG_CHECKPOINT_RESTORE) ||
> > +		    !config_enabled(CONFIG_SECCOMP))
> > +			return -EINVAL;
> > +
> > +		if (!may_suspend_seccomp())
> > +			return -EPERM;
> 
> gcc will optimize out may_suspend_seccomp() unless both options are
> enabled.

Whoops, yes, you're right. I did build test in all the configurations
to catch stuff like this, but gcc was too smart for me. What's the
right thing to do, just leave out the definition of
may_suspend_seccomp all together, or add in another if defined() in
the header?

Maybe we will get rid of this pesky function all together though...

Tycho
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ