ACK: [Vivid][SRU][PATCH 1/1] seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO

Chris J Arges chris.j.arges at canonical.com
Tue Sep 15 18:53:35 UTC 2015


On Tue, Sep 15, 2015 at 11:13:17AM -0700, Brad Figg wrote:
> From: Kees Cook <keescook at chromium.org>
> 
> BugLink: http://bugs.launchpad.net/bugs/1496073
> 
> The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
> when setting errno during a SECCOMP_RET_ERRNO filter action.  This makes
> sure we have a reliable value being set, so that an invalid errno will not
> be ignored by userspace.
> 
> Signed-off-by: Kees Cook <keescook at chromium.org>
> Reported-by: Dmitry V. Levin <ldv at altlinux.org>
> Cc: Andy Lutomirski <luto at amacapital.net>
> Cc: Will Drewry <wad at chromium.org>
> Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
> Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
> (cherry picked from commit 580c57f1076872ebc2427f898b927944ce170f2d)
> Signed-off-by: Brad Figg <brad.figg at canonical.com>
> 
>  100.0% kernel/
> ---
>  kernel/seccomp.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/kernel/seccomp.c b/kernel/seccomp.c
> index 4ef9687..4f44028 100644
> --- a/kernel/seccomp.c
> +++ b/kernel/seccomp.c
> @@ -629,7 +629,9 @@ static u32 __seccomp_phase1_filter(int this_syscall, struct seccomp_data *sd)
>  
>  	switch (action) {
>  	case SECCOMP_RET_ERRNO:
> -		/* Set the low-order 16-bits as a errno. */
> +		/* Set low-order bits as an errno, capped at MAX_ERRNO. */
> +		if (data > MAX_ERRNO)
> +			data = MAX_ERRNO;
>  		syscall_set_return_value(current, task_pt_regs(current),
>  					 -data, 0);
>  		goto skip;
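Review bot: the clamp at `if (data > MAX_ERRNO) data = MAX_ERRNO;` is silent, so a filter that returns SECCOMP_RET_ERRNO with a data value above MAX_ERRNO now gets errno MAX_ERRNO rather than the value it encoded, and nothing at this site tells the filter author why. Suggest extending the comment to give the reason from the commit message (a value above MAX_ERRNO, once negated, is not reliably seen as an error by userspace) and noting the user-visible cap in the seccomp filter documentation. The new comment also drops the "16-bits" width from the old one; a mention that data comes from the SECCOMP_RET_DATA mask would keep that information.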
> -- 
> 1.9.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
> 



