| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Jun 2016 14:02:04 -0700 From: Kees Cook <keescook@...omium.org> To: linux-kernel@...r.kernel.org Cc: Kees Cook <keescook@...omium.org>, Jeff Dike <jdike@...toit.com>, Richard Weinberger <richard@....at>, user-mode-linux-devel@...ts.sourceforge.net, Andy Lutomirski <luto@...nel.org>, Benjamin Herrenschmidt <benh@...nel.crashing.org>, Catalin Marinas <catalin.marinas@....com>, Chris Metcalf <cmetcalf@...lanox.com>, Heiko Carstens <heiko.carstens@...ibm.com>, Helge Deller <deller@....de>, "James E.J. Bottomley" <jejb@...isc-linux.org>, James Hogan <james.hogan@...tec.com>, linux-arch@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, linux-mips@...ux-mips.org, linux-parisc@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, linux-s390@...r.kernel.org, "Maciej W. Rozycki" <macro@...tec.com>, Mark Rutland <mark.rutland@....com>, Martin Schwidefsky <schwidefsky@...ibm.com>, Michael Ellerman <mpe@...erman.id.au>, Paul Mackerras <paulus@...ba.org>, Ralf Baechle <ralf@...ux-mips.org>, Russell King <linux@...linux.org.uk>, Will Deacon <will.deacon@....com>, x86@...nel.org Subject: [PATCH 14/14] um/ptrace: run seccomp after ptrace Close the hole where ptrace can change a syscall out from under seccomp. Signed-off-by: Kees Cook <keescook@...omium.org> Cc: Jeff Dike <jdike@...toit.com> Cc: Richard Weinberger <richard@....at> Cc: user-mode-linux-devel@...ts.sourceforge.net --- arch/um/kernel/skas/syscall.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/arch/um/kernel/skas/syscall.c b/arch/um/kernel/skas/syscall.c index 9c5570f0f397..ef4b8f949b51 100644 --- a/arch/um/kernel/skas/syscall.c +++ b/arch/um/kernel/skas/syscall.c @@ -20,12 +20,12 @@ void handle_syscall(struct uml_pt_regs *r) UPT_SYSCALL_NR(r) = PT_SYSCALL_NR(r->gp); PT_REGS_SET_SYSCALL_RETURN(regs, -ENOSYS); - /* Do the secure computing check first; failures should be fast. */ - if (secure_computing(NULL) == -1) + if (syscall_trace_enter(regs)) return; - if (syscall_trace_enter(regs)) - goto out; + /* Do the seccomp check after ptrace; failures should be fast. */ + if (secure_computing(NULL) == -1) + return; /* Update the syscall number after orig_ax has potentially been updated * with ptrace. @@ -37,6 +37,5 @@ void handle_syscall(struct uml_pt_regs *r) PT_REGS_SET_SYSCALL_RETURN(regs, EXECUTE_SYSCALL(syscall, regs)); -out: syscall_trace_leave(regs); } -- 2.7.4
Powered by blists - more mailing lists