Message-ID: <202111181553.A4FDEB1@keescook>
Date: Thu, 18 Nov 2021 15:54:02 -0800
From: Kees Cook <keescook@...omium.org>
To: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: linux-kernel@...r.kernel.org, Kyle Huey <me@...ehuey.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andrea Righi <andrea.righi@...onical.com>,
Shuah Khan <shuah@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Andy Lutomirski <luto@...capital.net>,
Will Drewry <wad@...omium.org>,
"open list:KERNEL SELFTEST FRAMEWORK"
<linux-kselftest@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
linux-hardening@...r.kernel.org,
Robert O'Callahan <rocallahan@...il.com>,
Oliver Sang <oliver.sang@...el.com>, lkp@...ts.01.org,
lkp@...el.com
Subject: Re: [PATCH 1/2] signal: Don't always set SA_IMMUTABLE for forced
signals
On Thu, Nov 18, 2021 at 04:04:58PM -0600, Eric W. Biederman wrote:
>
> Recently, to prevent issues with SECCOMP_RET_KILL and similar signals
> being changed before they are delivered, SA_IMMUTABLE was added.
>
> Unfortunately this broke debuggers[1][2] which reasonably expect to be
> able to trap synchronous SIGTRAP and SIGSEGV even when the target
> process is not configured to handle those signals.
>
> Update force_sig_to_task to support both the case when we can
> allow the debugger to intercept and possibly ignore the
> signal and the case when it is not safe to let userspace
> know about the signal until the process has exited.
>
> Reported-by: Kyle Huey <me@...ehuey.com>
> Reported-by: kernel test robot <oliver.sang@...el.com>
> Cc: stable@...r.kernel.org
> [1] https://lkml.kernel.org/r/CAP045AoMY4xf8aC_4QU_-j7obuEPYgTcnQQP3Yxk=2X90jtpjw@mail.gmail.com
> [2] https://lkml.kernel.org/r/20211117150258.GB5403@xsang-OptiPlex-902
> Fixes: 00b06da29cf9 ("signal: Add SA_IMMUTABLE to ensure forced siganls do not get changed")
> Signed-off-by: "Eric W. Biederman" <ebiederm@...ssion.com>
> ---
> kernel/signal.c | 23 ++++++++++++++++-------
> 1 file changed, 16 insertions(+), 7 deletions(-)
>
> diff --git a/kernel/signal.c b/kernel/signal.c
> index 7c4b7ae714d4..02058c983bd6 100644
> --- a/kernel/signal.c
> +++ b/kernel/signal.c
> @@ -1298,6 +1298,12 @@ int do_send_sig_info(int sig, struct kernel_siginfo *info, struct task_struct *p
> return ret;
> }
>
> +enum sig_handler {
> + HANDLER_CURRENT, /* If reachable use the current handler */
> + HANDLER_SIG_DFL, /* Always use SIG_DFL handler semantics */
> + HANDLER_EXIT, /* Only visible as the proces exit code */
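Review bot: The comment on HANDLER_CURRENT in the new enum sig_handler ("If reachable use the current handler") does not say what makes a handler reachable or which semantics apply when it is not. The choice between these three values decides whether a debugger may intercept a forced signal or whether userspace only sees it as the exit code, so a short block comment above the enum stating that condition and the fallback, and which value the SECCOMP_RET_KILL-style callers are expected to pass, would make the call sites easier to audit.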
Oh, I just noticed this typo "proces" -> "process"
-Kees
--
Kees Cook