lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 Nov 2021 17:32:20 -0800 From: Kees Cook <keescook@...omium.org> To: Kyle Huey <me@...ehuey.com> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, "Eric W. Biederman" <ebiederm@...ssion.com>, Andrea Righi <andrea.righi@...onical.com>, Shuah Khan <shuah@...nel.org>, Alexei Starovoitov <ast@...nel.org>, Andy Lutomirski <luto@...capital.net>, Will Drewry <wad@...omium.org>, "open list:KERNEL SELFTEST FRAMEWORK" <linux-kselftest@...r.kernel.org>, bpf <bpf@...r.kernel.org>, open list <linux-kernel@...r.kernel.org>, linux-hardening@...r.kernel.org, Robert O'Callahan <rocallahan@...il.com> Subject: Re: [REGRESSION] 5.16rc1: SA_IMMUTABLE breaks debuggers On Wed, Nov 17, 2021 at 05:20:33PM -0800, Kyle Huey wrote: > Yeah that's one way to solve the problem. I think you're right that > fundamentally the problem here is that what SECCOMP_RET_KILL wants is > not really a signal. To the extent that it wants a signal, what it > really wants is SIGKILL, and the problem here is the code trying to > act like SIGKILL but call it SIGSYS. I assume the ship for fixing that > sailed years ago though. Yeah, this was IIRC, a specific design choice (to distinguish a seccomp KILL from a SIGKILL), as desired by the sandboxing folks, and instead of using two different signals (one for KILL and one for TRAP), both used SIGSYS, with the KILL variant being uncatchable. -- Kees Cook
Powered by blists - more mailing lists