Re: [PATCH] seccomp: plug syscall-dodging ptrace hole

From: Kees Cook
Date: Wed Jun 01 2016 - 23:04:10 EST


On Fri, May 27, 2016 at 1:14 PM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> On Fri, May 27, 2016 at 12:52 PM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
>>> Right, I know, it's aesthetically much nicer that way, but I really
>>> want to stay totally paranoid and keep seccomp absolutely first on the
>>> path.
>>>
>>> How about this: we'll use this patch as-is for now, since I'd like to
>>> be able to start getting feedback from the container-using folks ASAP,
>>> and then we can redesign the 2-phase system going forward from there.
>>>
>>
>> I think I'd rather change the ABI as few times as possible. On the
>> other hand, it's still early, and I see nothing wrong with adding it
>> to -next.
>
> To get the ball rolling:
>
> https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/log/?h=seccomp
>
> It's incomplete, but it should be straightforward to finish it. The
> only interesting bit is dealing with SECCOMP_RET_TRACE.

I did a bit more from there (though it needs further cleanup; I see my
"const" fixes landed in the wrong patch). This passes my tests on x86;
the other architectures need reordering and testing:

http://git.kernel.org/cgit/linux/kernel/git/kees/linux.git/log/?h=seccomp/reorder-ptrace

-Kees

--
Kees Cook
Chrome OS & Brillo Security