Re: [PATCH v1 0/3] Fix seccomp for UM (next)
On Thu, 28 Jul 2016, Kees Cook wrote: > On Mon, Jul 11, 2016 at 6:59 PM, Kees Cook wrote: > > On Mon, Jul 11, 2016 at 5:56 PM, Mickaël Salaün wrote: > >> Hi, > >> > >> This series fix the recent seccomp update for the User-mode Linux > >> architecture > >> (32-bit and 64-bit) since commit 26703c636c1f3272b39bd0f6d04d2e970984f1b6 > >> (close the hole where ptrace can change a syscall out from under seccomp). > >> > >> Regards, > >> > >> Mickaël Salaün (3): > >> um/ptrace: Fix the syscall_trace_leave call > >> um/ptrace: Fix the syscall number update after a ptrace > >> seccomp: Remove 2-phase API documentation > >> > >> arch/Kconfig | 11 --- > >> arch/um/kernel/skas/syscall.c | 10 +++--- > >> arch/x86/um/ptrace_32.c | 3 +++ > >> arch/x86/um/ptrace_64.c | 4 > >> 4 files changed, 10 insertions(+), 18 deletions(-) > > > > Ah, perfect! Thanks for fixing this! James, can you pick this up for -next? > > > > Acked-by: Kees Cook > > James, can you take these fixes for v4.8? We'll need them for um to > work correctly again. (They appear to still be missing from -next.) > I'm pretty sure I don't have these patches, can you or the author send them to me? -- James Morris
Re: [PATCH v1 0/3] Fix seccomp for UM (next)
On Mon, Jul 11, 2016 at 6:59 PM, Kees Cook wrote: > On Mon, Jul 11, 2016 at 5:56 PM, Mickaël Salaün wrote: >> Hi, >> >> This series fix the recent seccomp update for the User-mode Linux >> architecture >> (32-bit and 64-bit) since commit 26703c636c1f3272b39bd0f6d04d2e970984f1b6 >> (close the hole where ptrace can change a syscall out from under seccomp). >> >> Regards, >> >> Mickaël Salaün (3): >> um/ptrace: Fix the syscall_trace_leave call >> um/ptrace: Fix the syscall number update after a ptrace >> seccomp: Remove 2-phase API documentation >> >> arch/Kconfig | 11 --- >> arch/um/kernel/skas/syscall.c | 10 +++--- >> arch/x86/um/ptrace_32.c | 3 +++ >> arch/x86/um/ptrace_64.c | 4 >> 4 files changed, 10 insertions(+), 18 deletions(-) > > Ah, perfect! Thanks for fixing this! James, can you pick this up for -next? > > Acked-by: Kees Cook James, can you take these fixes for v4.8? We'll need them for um to work correctly again. (They appear to still be missing from -next.) Thanks! -Kees -- Kees Cook Chrome OS & Brillo Security
Re: [PATCH v1 0/3] Fix seccomp for UM (next)
On Mon, Jul 11, 2016 at 5:56 PM, Mickaël Salaün wrote: > Hi, > > This series fix the recent seccomp update for the User-mode Linux architecture > (32-bit and 64-bit) since commit 26703c636c1f3272b39bd0f6d04d2e970984f1b6 > (close the hole where ptrace can change a syscall out from under seccomp). > > Regards, > > Mickaël Salaün (3): > um/ptrace: Fix the syscall_trace_leave call > um/ptrace: Fix the syscall number update after a ptrace > seccomp: Remove 2-phase API documentation > > arch/Kconfig | 11 --- > arch/um/kernel/skas/syscall.c | 10 +++--- > arch/x86/um/ptrace_32.c | 3 +++ > arch/x86/um/ptrace_64.c | 4 > 4 files changed, 10 insertions(+), 18 deletions(-) Ah, perfect! Thanks for fixing this! James, can you pick this up for -next? Acked-by: Kees Cook -Kees -- Kees Cook Chrome OS & Brillo Security
[PATCH v1 0/3] Fix seccomp for UM (next)
Hi, This series fix the recent seccomp update for the User-mode Linux architecture (32-bit and 64-bit) since commit 26703c636c1f3272b39bd0f6d04d2e970984f1b6 (close the hole where ptrace can change a syscall out from under seccomp). Regards, Mickaël Salaün (3): um/ptrace: Fix the syscall_trace_leave call um/ptrace: Fix the syscall number update after a ptrace seccomp: Remove 2-phase API documentation arch/Kconfig | 11 --- arch/um/kernel/skas/syscall.c | 10 +++--- arch/x86/um/ptrace_32.c | 3 +++ arch/x86/um/ptrace_64.c | 4 4 files changed, 10 insertions(+), 18 deletions(-) -- 2.8.1