lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20140919105920.GA14133@gmail.com>
Date:	Fri, 19 Sep 2014 12:59:20 +0200
From:	Ingo Molnar <mingo@...nel.org>
To:	Andy Lutomirski <luto@...capital.net>
Cc:	hpa@...or.com, linux-kernel@...r.kernel.org,
	schwidefsky@...ibm.com, keescook@...omium.org,
	linux@....linux.org.uk, ralf@...ux-mips.org,
	heiko.carstens@...ibm.com, tglx@...utronix.de,
	"James E.J. Bottomley" <James.Bottomley@...senPartnership.com>
Subject: Re: [PATCH] parisc: Use secure_computing_strict, not secure_computing


(Cc:-ed the PARISC maintainer. Original patch quoted below.)

* Andy Lutomirski <luto@...capital.net> wrote:

> After commit a4412fc9486e, the secure_computing function is only
> available if seccomp filters are implemented by the architecture.
> Architectures without seccomp filters use secure_computing_strict
> instead.
> 
> Signed-off-by: Andy Lutomirski <luto@...capital.net>
> ---
> 
> This is minimally tested because my cross-compiler toolchain for parisc
> is quite broken.  ptrace.c seems to *compile*, but it doesn't assemble.
> 
>  arch/parisc/kernel/ptrace.c | 10 +++++-----
>  1 file changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/arch/parisc/kernel/ptrace.c b/arch/parisc/kernel/ptrace.c
> index 3bab72462ab5..5961cc86d6d2 100644
> --- a/arch/parisc/kernel/ptrace.c
> +++ b/arch/parisc/kernel/ptrace.c
> @@ -270,11 +270,11 @@ long do_syscall_trace_enter(struct pt_regs *regs)
>  {
>  	long ret = 0;
>  
> -	/* Do the secure computing check first. */
> -	if (secure_computing(regs->gr[20])) {
> -		/* seccomp failures shouldn't expose any additional code. */
> -		return -1;
> -	}
> +	/*
> +	 * Do the secure computing check first. seccomp failures
> +	 * shouldn't expose any additional code.
> +	 */
> +	secure_computing_strict(regs->gr[20]);
>  
>  	if (test_thread_flag(TIF_SYSCALL_TRACE) &&
>  	    tracehook_report_syscall_entry(regs))

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ