| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250725-seccomp-races-v2-0-cf8b9d139596@nixdorf.dev>
Date: Fri, 25 Jul 2025 18:31:17 +0200
From: Johannes Nixdorf <johannes@...dorf.dev>
To: Kees Cook <kees@...nel.org>, Andy Lutomirski <luto@...capital.net>,
Will Drewry <wad@...omium.org>, Sargun Dhillon <sargun@...gun.me>,
Shuah Khan <shuah@...nel.org>
Cc: linux-kernel@...r.kernel.org, Ali Polatel <alip@...sswob.org>,
linux-kselftest@...r.kernel.org, bpf@...r.kernel.org,
Johannes Nixdorf <johannes@...dorf.dev>
Subject: [PATCH v2 0/2] seccomp: Fix a race with WAIT_KILLABLE_RECV if the
tracer replies too fast
If WAIT_KILLABLE_RECV was specified, and an event is received, the
tracee's syscall is not supposed to be interruptible. This was not properly
ensured if the reply was sent too fast, and an interrupting signal was
received before the reply was processed on the tracee side.
This series fixes the bug and adds a test case for it to the selftests.
Signed-off-by: Johannes Nixdorf <johannes@...dorf.dev>
---
Changes in v2:
- Added a selftest for the bug.
- Link to v1: https://lore.kernel.org/r/20250723-seccomp-races-v1-1-bef5667ce30a@nixdorf.dev
---
Johannes Nixdorf (2):
seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast
selftests/seccomp: Add a test for the WAIT_KILLABLE_RECV fast reply race
kernel/seccomp.c | 13 ++-
tools/testing/selftests/seccomp/seccomp_bpf.c | 130 ++++++++++++++++++++++++++
2 files changed, 136 insertions(+), 7 deletions(-)
---
base-commit: 89be9a83ccf1f88522317ce02f854f30d6115c41
change-id: 20250721-seccomp-races-e97897d6d94b
Best regards,
--
Johannes Nixdorf <johannes@...dorf.dev>
Powered by blists - more mailing lists