iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/kernel
History
Mike Frysinger b25e67161c seccomp: dump core when using SECCOMP_RET_KILL 
The SECCOMP_RET_KILL mode is documented as immediately killing the
process as if a SIGSYS had been sent and not caught (similar to a
SIGKILL).  However, a SIGSYS is documented as triggering a coredump
which does not happen today.

This has the advantage of being able to more easily debug a process
that fails a seccomp filter.  Today, most apps need to recompile and
change their filter in order to get detailed info out, or manually run
things through strace, or enable detailed kernel auditing.  Now we get
coredumps that fit into existing system-wide crash reporting setups.

From a security pov, this shouldn't be a problem.  Unhandled signals
can already be sent externally which trigger a coredump independent of
the status of the seccomp filter.  The act of dumping core itself does
not cause change in execution of the program.

URL: https://crbug.com/676357
Signed-off-by: Mike Frysinger <vapier@chromium.org>
Acked-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2017-01-23 21:42:42 +11:00
..
bpf
bpf: fix mark_reg_unknown_value for spilled regs on map value marking
2016-12-17 21:27:44 -05:00
configs
config: android: enable CONFIG_SECCOMP
2016-10-11 15:06:32 -07:00
debug
kdb: call vkdb_printf() from vprintk_default() only when wanted
2016-12-14 16:04:08 -08:00
events
Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2016-12-23 16:49:12 -08:00
gcov
gcov: add support for gcc version >= 6
2016-07-15 14:54:27 +09:00
irq
genirq/affinity: Fix node generation from cpumask
2016-12-15 12:32:35 +01:00
livepatch
livepatch/module: make TAINT_LIVEPATCH module-specific
2016-08-26 14:42:08 +02:00
locking
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
power
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
printk
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
rcu
rcu: Don't kick unless grace period or request
2016-11-14 10:46:31 -08:00
sched
ktime: Cleanup ktime_set() usage
2016-12-25 17:21:22 +01:00
time
ktime: Cleanup ktime_set() usage
2016-12-25 17:21:22 +01:00
trace
clocksource: Use a plain u64 instead of cycle_t
2016-12-25 11:04:12 +01:00
.gitignore
acct.c
async.c
audit_fsnotify.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-12-17 18:44:00 -08:00
audit_tree.c
Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/audit
2017-01-05 23:06:06 -08:00
audit_watch.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-12-17 18:44:00 -08:00
audit.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2016-12-17 18:44:00 -08:00
audit.h
audit_log_{name,link_denied}: constify struct path
2016-12-05 19:00:38 -05:00
auditfilter.c
audit: add support for session ID user filter
2016-11-29 15:10:12 -05:00
auditsc.c
Merge branch 'stable-4.10' of git://git.infradead.org/users/pcmoore/audit
2016-12-14 14:06:40 -08:00
backtracetest.c
bounds.c
capability.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
cgroup_freezer.c
cgroup_pids.c
cgroup: Use lld instead of ld when printing pids controller events_limit
2016-06-21 15:03:36 -04:00
cgroup.c
cgroup: add support for eBPF programs
2016-11-25 16:25:52 -05:00
compat.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
configs.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
context_tracking.c
cpu_pm.c
cpu.c
smp/hotplug: Undo tglxs brainfart
2016-12-26 17:30:24 -08:00
cpuset.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
crash_dump.c
cred.c
cred: Reject inodes with invalid ids in set_create_file_as()
2016-06-30 18:05:09 -05:00
delayacct.c
dma.c
elfcore.c
exec_domain.c
exit.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
extable.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
fork.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
freezer.c
freezer, oom: check TIF_MEMDIE on the correct task
2016-07-28 16:07:41 -07:00
futex_compat.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
futex.c
ktime: Get rid of the union
2016-12-25 17:21:22 +01:00
groups.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
hung_task.c
hung_task: decrement sysctl_hung_task_warnings only if it is positive
2016-12-12 18:55:09 -08:00
irq_work.c
jump_label.c
powerpc updates for 4.8 #2
2016-08-05 09:00:54 -04:00
kallsyms.c
kallsyms: add support for relative offsets in kallsyms address table
2016-03-15 16:55:16 -07:00
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
locking/mutex: Allow MUTEX_SPIN_ON_OWNER when DEBUG_MUTEXES
2016-10-25 11:31:51 +02:00
Kconfig.preempt
kcov.c
kcov: make kcov work properly with KASLR enabled
2016-12-20 09:48:47 -08:00
kexec_core.c
kexec: add cond_resched into kimage_alloc_crash_control_pages
2016-12-14 16:04:07 -08:00
kexec_file.c
ima: on soft reboot, save the measurement list
2016-12-20 09:48:44 -08:00
kexec_internal.h
kexec_file: Allow arch-specific memory walking for kexec_add_buffer
2016-11-30 23:14:57 +11:00
kexec.c
kexec: allow architectures to override boot mapping
2016-08-02 19:35:27 -04:00
kmod.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
kprobes.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
ksysfs.c
kexec: add a kexec_crash_loaded() function
2016-08-02 19:35:30 -04:00
kthread.c
kthread: add __printf attributes
2016-12-12 18:55:06 -08:00
latencytop.c
Makefile
Merge branch 'akpm' (patches from Andrew)
2016-12-14 17:25:18 -08:00
membarrier.c
memremap.c
mm: fix cache mode of dax pmd mappings
2016-09-09 17:34:46 -07:00
module_signing.c
KEYS: Move the point of trust determination to __key_link()
2016-04-11 22:43:43 +01:00
module-internal.h
module.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
notifier.c
nsproxy.c
padata.c
padata: Remove unused but set variables
2016-10-25 11:08:10 +08:00
panic.c
taint/module: Clean up global and module taint flags handling
2016-11-26 11:18:01 -08:00
params.c
pid_namespace.c
Merge branch 'nsfs-ioctls' into HEAD
2016-09-22 20:00:36 -05:00
pid.c
remove lots of IS_ERR_VALUE abuses
2016-05-27 15:26:11 -07:00
profile.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
ptrace.c
ptrace: Don't allow accessing an undumpable mm
2016-11-22 12:57:38 -06:00
range.c
reboot.c
relay.c
relay: check array offset before using it
2016-12-14 16:04:08 -08:00
resource.c
/proc/iomem: only expose physical resource addresses to privileged users
2016-04-14 12:56:09 -07:00
seccomp.c
seccomp: dump core when using SECCOMP_RET_KILL
2017-01-23 21:42:42 +11:00
signal.c
ktime: Get rid of the union
2016-12-25 17:21:22 +01:00
smp.c
kernel/smp: Tell the user we're bringing up secondary CPUs
2016-10-26 12:02:35 +02:00
smpboot.c
kthread/smpboot: do not park in kthread_create_on_cpu()
2016-10-11 15:06:33 -07:00
smpboot.h
cpu/hotplug: Create hotplug threads
2016-03-01 20:36:56 +01:00
softirq.c
softirq: Display IRQ_POLL for irq-poll statistics
2016-10-21 15:45:47 -06:00
stacktrace.c
stop_machine.c
locking/core, stop_machine: Yield the CPU during stop machine()
2016-11-16 10:15:09 +01:00
sys_ni.c
move aio compat to fs/aio.c
2016-12-22 22:58:37 -05:00
sys.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
sysctl_binary.c
sysctl: add KERN_CONT to deprecated_sysctl_warning()
2016-12-14 16:04:07 -08:00
sysctl.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
task_work.c
task_work: use READ_ONCE/lockless_dereference, avoid pi_lock if !task_works
2016-08-02 19:35:02 -04:00
taskstats.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-11-15 10:54:36 -05:00
test_kprobes.c
torture.c
torture: Convert torture_shutdown() to hrtimer
2016-08-22 10:01:49 -07:00
tracepoint.c
tracing: Have the reg function allow to fail
2016-12-09 09:13:30 -05:00
tsacct.c
time, acct: Drop irq save & restore from __acct_update_integrals()
2016-02-29 09:53:09 +01:00
ucount.c
mntns: Add a limit on the number of mount namespaces.
2016-08-31 07:28:35 -05:00
uid16.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
up.c
smp: Add function to execute a function synchronously on a CPU
2016-09-05 13:52:39 +02:00
user_namespace.c
Merge branch 'nsfs-ioctls' into HEAD
2016-09-22 20:00:36 -05:00
user-return-notifier.c
user.c
utsname_sysctl.c
utsname.c
Merge branch 'nsfs-ioctls' into HEAD
2016-09-22 20:00:36 -05:00
watchdog_hld.c
kernel/watchdog.c: move hardlockup detector to separate file
2016-12-14 16:04:08 -08:00
watchdog.c
kernel/watchdog.c: move hardlockup detector to separate file
2016-12-14 16:04:08 -08:00
workqueue_internal.h
sched/core: Get rid of 'cpu' argument in wq_worker_sleeping()
2016-03-02 10:28:47 -05:00
workqueue.c
Merge branch 'for-4.9' into for-4.10
2016-10-19 12:12:40 -04:00