ACK: [SRU][Xenial][PATCH] arm/ptrace: run seccomp after ptrace
Kleber Souza
kleber.souza at canonical.com
Wed Jun 26 16:17:44 UTC 2019
On 6/4/19 12:22 AM, Connor Kuehl wrote:
> From: Kees Cook <keescook at chromium.org>
>
> CVE-2019-2054
>
> Close the hole where ptrace can change a syscall out from under seccomp.
>
> Signed-off-by: Kees Cook <keescook at chromium.org>
> Cc: Russell King <linux at armlinux.org.uk>
> Cc: linux-arm-kernel at lists.infradead.org
> (cherry picked from commit 0f3912fd934cdfd03d93f2dc6f064099795bf638)
> Signed-off-by: Connor Kuehl <connor.kuehl at canonical.com>
Clean cherry-pick.
Acked-by: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Thank you,
Kleber
> ---
> arch/arm/kernel/ptrace.c | 11 ++++++-----
> 1 file changed, 6 insertions(+), 5 deletions(-)
>
> diff --git a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c
> index d54c53b7ab63..2b00c030775c 100644
> --- a/arch/arm/kernel/ptrace.c
> +++ b/arch/arm/kernel/ptrace.c
> @@ -932,18 +932,19 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs, int scno)
> {
> current_thread_info()->syscall = scno;
>
> - /* Do the secure computing check first; failures should be fast. */
> + if (test_thread_flag(TIF_SYSCALL_TRACE))
> + tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER);
> +
> + /* Do seccomp after ptrace; syscall may have changed. */
> #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
> if (secure_computing() == -1)
> return -1;
> #else
> /* XXX: remove this once OABI gets fixed */
> - secure_computing_strict(scno);
> + secure_computing_strict(current_thread_info()->syscall);
> #endif
>
> - if (test_thread_flag(TIF_SYSCALL_TRACE))
> - tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER);
> -
> + /* Tracer or seccomp may have changed syscall. */
> scno = current_thread_info()->syscall;
>
> if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
>
More information about the kernel-team
mailing list