| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Jun 2016 15:46:10 -0700 From: Andy Lutomirski <luto@...capital.net> To: Kees Cook <keescook@...omium.org> Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Andy Lutomirski <luto@...nel.org>, Benjamin Herrenschmidt <benh@...nel.crashing.org>, Catalin Marinas <catalin.marinas@....com>, Chris Metcalf <cmetcalf@...lanox.com>, Heiko Carstens <heiko.carstens@...ibm.com>, Helge Deller <deller@....de>, "James E.J. Bottomley" <jejb@...isc-linux.org>, James Hogan <james.hogan@...tec.com>, Jeff Dike <jdike@...toit.com>, linux-arch <linux-arch@...r.kernel.org>, "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>, Linux MIPS Mailing List <linux-mips@...ux-mips.org>, linux-parisc@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, "linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>, "Maciej W. Rozycki" <macro@...tec.com>, Mark Rutland <mark.rutland@....com>, Martin Schwidefsky <schwidefsky@...ibm.com>, Michael Ellerman <mpe@...erman.id.au>, Paul Mackerras <paulus@...ba.org>, Ralf Baechle <ralf@...ux-mips.org>, Richard Weinberger <richard@....at>, Russell King <linux@...linux.org.uk>, "user-mode-linux-devel@...ts.sourceforge.net" <user-mode-linux-devel@...ts.sourceforge.net>, Will Deacon <will.deacon@....com>, X86 ML <x86@...nel.org> Subject: Re: [PATCH 05/14] seccomp: recheck the syscall after RET_TRACE On Thu, Jun 9, 2016 at 2:01 PM, Kees Cook <keescook@...omium.org> wrote: > When RET_TRACE triggers, a tracer may change a syscall into something that > should be filtered by seccomp. This re-runs seccomp after a trace event > to make sure things continue to pass. > > Signed-off-by: Kees Cook <keescook@...omium.org> > Cc: Andy Lutomirski <luto@...nel.org> > --- > kernel/seccomp.c | 21 ++++++++++++++++++--- > 1 file changed, 18 insertions(+), 3 deletions(-) > > diff --git a/kernel/seccomp.c b/kernel/seccomp.c > index 14a37d71b612..54d15eb2b701 100644 > --- a/kernel/seccomp.c > +++ b/kernel/seccomp.c > @@ -556,7 +556,8 @@ void secure_computing_strict(int this_syscall) > #else > > #ifdef CONFIG_SECCOMP_FILTER > -static int __seccomp_filter(int this_syscall, const struct seccomp_data *sd) > +static int __seccomp_filter(int this_syscall, const struct seccomp_data *sd, > + const bool recheck_after_trace) This patch looks good with one minor nit: I read this as "pass true if you want to recheck after trace", which is exactly the opposite of how it works. --Andy
Powered by blists - more mailing lists