mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-29 05:44:11 +00:00
seccomp updates for v6.2-rc1
- Add missing kerndoc parameter (Randy Dunlap). - Improve seccomp selftest to check CAP_SYS_ADMIN (Gautam Menghani). - Fix allocation leak when cloned thread immediately dies (Kuniyuki Iwashima). -----BEGIN PGP SIGNATURE----- iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmOOjOAWHGtlZXNjb29r QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJuXHD/45wafnnxUkunfY8Sv6zHSV/93+ L7GHrEGgKe4fAdb64jy0yMWhffhYW95WvlWBPYE+RCyeRliMj+RNfiXZsUGJXLjB 4h7rPe8wzWllW7tcEAl+gHf++1/h9U4iiyMCFsT2MZv+rnQrK33H4cmDmNUHhd7K DcvoxzXkYLrs0pQTIb5xhfdKU0ZbcTEViPra5CbHASwuamVI6Qc5GupcUoPfr7um 2YhmyK4KZQt0zRKrdwyngeQgjuMfMQ1QsuEOhkHLSswWYrEC8xabGWEizS5Ow7Y7 qrz4KH9hTQgKZIKZ52B+6OslOYWVeYba1Zj3SkDiOAbY5ATzKwOOW+5hHGd+0VS5 r32KfC1Y51ZwoS/4hoW4JCITK31GvHT1zvHHnTL2S/ydpPQ72rAUcLNuxYi5Zs1I jDpOpEt8JNPoRqG2qngEHDsdmUqRwdDGkC2hJc8Kzv8aTBTBch1lwAxYIDLf8lqH t27WjZrmN7F+TR1mpTsrPrfi7btoP4ARMkOrDqsf03gfRWHVzpGpRqm9IWJR9/xI PRbWNMAzePSmcfWpo+oh8389Zybp97iCurwhlu8ZCWEUwPK7FMtf8cW78AprAUc2 QLIaOnhM2WlxmqZrGNy636LY25zZMqtS+95nKDFmii3PQU57tmByM36DP2IGuIie 6h+Pwyf1LJht7yiczg== =++ua -----END PGP SIGNATURE----- Merge tag 'seccomp-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull seccomp updates from Kees Cook: - Add missing kerndoc parameter (Randy Dunlap) - Improve seccomp selftest to check CAP_SYS_ADMIN (Gautam Menghani) - Fix allocation leak when cloned thread immediately dies (Kuniyuki Iwashima) * tag 'seccomp-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: seccomp: document the "filter_count" field seccomp: Move copy_seccomp() to no failure path. selftests/seccomp: Check CAP_SYS_ADMIN capability in the test mode_filter_without_nnp
This commit is contained in:
commit
667161ba0a
3 changed files with 16 additions and 8 deletions
|
@ -27,6 +27,7 @@ struct seccomp_filter;
|
|||
*
|
||||
* @mode: indicates one of the valid values above for controlled
|
||||
* system calls available to a process.
|
||||
* @filter_count: number of seccomp filters
|
||||
* @filter: must always point to a valid seccomp-filter or NULL as it is
|
||||
* accessed without locking during system call entry.
|
||||
*
|
||||
|
|
|
@ -535,6 +535,9 @@ void put_task_stack(struct task_struct *tsk)
|
|||
|
||||
void free_task(struct task_struct *tsk)
|
||||
{
|
||||
#ifdef CONFIG_SECCOMP
|
||||
WARN_ON_ONCE(tsk->seccomp.filter);
|
||||
#endif
|
||||
release_user_cpus_ptr(tsk);
|
||||
scs_release(tsk);
|
||||
|
||||
|
@ -2406,12 +2409,6 @@ static __latent_entropy struct task_struct *copy_process(
|
|||
|
||||
spin_lock(¤t->sighand->siglock);
|
||||
|
||||
/*
|
||||
* Copy seccomp details explicitly here, in case they were changed
|
||||
* before holding sighand lock.
|
||||
*/
|
||||
copy_seccomp(p);
|
||||
|
||||
rv_task_fork(p);
|
||||
|
||||
rseq_fork(p, clone_flags);
|
||||
|
@ -2428,6 +2425,14 @@ static __latent_entropy struct task_struct *copy_process(
|
|||
goto bad_fork_cancel_cgroup;
|
||||
}
|
||||
|
||||
/* No more failure paths after this point. */
|
||||
|
||||
/*
|
||||
* Copy seccomp details explicitly here, in case they were changed
|
||||
* before holding sighand lock.
|
||||
*/
|
||||
copy_seccomp(p);
|
||||
|
||||
init_task_pid_links(p);
|
||||
if (likely(p->pid)) {
|
||||
ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace);
|
||||
|
|
|
@ -392,6 +392,8 @@ TEST(mode_filter_without_nnp)
|
|||
.filter = filter,
|
||||
};
|
||||
long ret;
|
||||
cap_t cap = cap_get_proc();
|
||||
cap_flag_value_t is_cap_sys_admin = 0;
|
||||
|
||||
ret = prctl(PR_GET_NO_NEW_PRIVS, 0, NULL, 0, 0);
|
||||
ASSERT_LE(0, ret) {
|
||||
|
@ -400,8 +402,8 @@ TEST(mode_filter_without_nnp)
|
|||
errno = 0;
|
||||
ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog, 0, 0);
|
||||
/* Succeeds with CAP_SYS_ADMIN, fails without */
|
||||
/* TODO(wad) check caps not euid */
|
||||
if (geteuid()) {
|
||||
cap_get_flag(cap, CAP_SYS_ADMIN, CAP_EFFECTIVE, &is_cap_sys_admin);
|
||||
if (!is_cap_sys_admin) {
|
||||
EXPECT_EQ(-1, ret);
|
||||
EXPECT_EQ(EACCES, errno);
|
||||
} else {
|
||||
|
|
Loading…
Reference in a new issue