Merge tag 'seccomp-v4.8-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull seccomp fix from Kees Cook:
 "Fix fatal signal delivery after ptrace reordering"

* tag 'seccomp-v4.8-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  seccomp: Fix tracer exit notifications during fatal signals
Linus Torvalds
2016-08-30 16:25:57 -07:00

@ -605,12 +605,16 @@ static int __seccomp_filter(int this_syscall, const struct seccomp_data *sd,
ptrace_event(PTRACE_EVENT_SECCOMP, data); ptrace_event(PTRACE_EVENT_SECCOMP, data);
/* /*
* The delivery of a fatal signal during event * The delivery of a fatal signal during event
* notification may silently skip tracer notification. * notification may silently skip tracer notification,
* Terminating the task now avoids executing a system * which could leave us with a potentially unmodified
* call that may not be intended. * syscall that the tracer would have liked to have
* changed. Since the process is about to die, we just
* force the syscall to be skipped and let the signal
* kill the process and correctly handle any tracer exit
* notifications.
*/ */
if (fatal_signal_pending(current)) if (fatal_signal_pending(current))
do_exit(SIGSYS); goto skip;
/* Check if the tracer forced the syscall to be skipped. */ /* Check if the tracer forced the syscall to be skipped. */
this_syscall = syscall_get_nr(current, task_pt_regs(current)); this_syscall = syscall_get_nr(current, task_pt_regs(current));
if (this_syscall < 0) if (this_syscall < 0)
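
Review bot: The rewritten comment above `if (fatal_signal_pending(current))` explains why the syscall is skipped but does not say that the way the task terminates changes. With `do_exit(SIGSYS)` replaced by `goto skip`, the task is now killed by the pending fatal signal instead of terminating through `do_exit(SIGSYS)`, and that difference is visible to a tracer or parent that inspects the exit status, so it deserves a sentence in the comment. The `skip` label lies outside the visible context. Please confirm that path only returns the skip result and does nothing that assumes the tracer was consulted, since this branch is taken before the syscall number is re-read with `syscall_get_nr()`.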