Merge tag 'seccomp-next' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into next (fe6c59dc) · Commits · e / devices / android_kernel_fairphone_FP5

include/linux/ptrace.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -34,6 +34,7 @@
		#define PT_TRACE_SECCOMP PT_EVENT_FLAG(PTRACE_EVENT_SECCOMP)

		#define PT_EXITKILL (PTRACE_O_EXITKILL << PT_OPT_FLAG_SHIFT)
		#define PT_SUSPEND_SECCOMP (PTRACE_O_SUSPEND_SECCOMP << PT_OPT_FLAG_SHIFT)

		/* single stepping state bits (used on ARM and PA-RISC) */
		#define PT_SINGLESTEP_BIT 31

+1 −1

Original line number	Diff line number	Diff line
		@@ -78,7 +78,7 @@ static inline long prctl_set_seccomp(unsigned long arg2, char __user *arg3)

		static inline int seccomp_mode(struct seccomp *s)
		{
		return 0;
		return SECCOMP_MODE_DISABLED;
		}
		#endif /* CONFIG_SECCOMP */

+4 −2

Original line number	Diff line number	Diff line
		@@ -90,8 +90,10 @@ struct ptrace_peeksiginfo_args {

		/* eventless options */
		#define PTRACE_O_EXITKILL (1 << 20)
		#define PTRACE_O_SUSPEND_SECCOMP (1 << 21)

		#define PTRACE_O_MASK (0x000000ff \| PTRACE_O_EXITKILL)
		#define PTRACE_O_MASK (\
		0x000000ff \| PTRACE_O_EXITKILL \| PTRACE_O_SUSPEND_SECCOMP)

		#include <asm/ptrace.h>

+13 −0

Original line number	Diff line number	Diff line
		@@ -556,6 +556,19 @@ static int ptrace_setoptions(struct task_struct *child, unsigned long data)
		if (data & ~(unsigned long)PTRACE_O_MASK)
		return -EINVAL;

		if (unlikely(data & PTRACE_O_SUSPEND_SECCOMP)) {
		if (!config_enabled(CONFIG_CHECKPOINT_RESTORE) \|\|
		!config_enabled(CONFIG_SECCOMP))
		return -EINVAL;

		if (!capable(CAP_SYS_ADMIN))
		return -EPERM;

		if (seccomp_mode(&current->seccomp) != SECCOMP_MODE_DISABLED \|\|
		current->ptrace & PT_SUSPEND_SECCOMP)
		return -EPERM;
		}

		/* Avoid intermediate state when all opts are cleared */
		flags = child->ptrace;
		flags &= ~(PTRACE_O_MASK << PT_OPT_FLAG_SHIFT);

+12 −5

Original line number	Diff line number	Diff line
		@@ -175,17 +175,16 @@ static int seccomp_check_filter(struct sock_filter *filter, unsigned int flen)
		*/
		static u32 seccomp_run_filters(struct seccomp_data *sd)
		{
		struct seccomp_filter *f = ACCESS_ONCE(current->seccomp.filter);
		struct seccomp_data sd_local;
		u32 ret = SECCOMP_RET_ALLOW;
		/* Make sure cross-thread synced filter points somewhere sane. */
		struct seccomp_filter *f =
		lockless_dereference(current->seccomp.filter);

		/* Ensure unexpected behavior doesn't result in failing open. */
		if (unlikely(WARN_ON(f == NULL)))
		return SECCOMP_RET_KILL;

		/* Make sure cross-thread synced filter points somewhere sane. */
		smp_read_barrier_depends();

		if (!sd) {
		populate_seccomp_data(&sd_local);
		sd = &sd_local;
		@@ -549,7 +548,11 @@ void secure_computing_strict(int this_syscall)
		{
		int mode = current->seccomp.mode;

		if (mode == 0)
		if (config_enabled(CONFIG_CHECKPOINT_RESTORE) &&
		unlikely(current->ptrace & PT_SUSPEND_SECCOMP))
		return;

		if (mode == SECCOMP_MODE_DISABLED)
		return;
		else if (mode == SECCOMP_MODE_STRICT)
		__secure_computing_strict(this_syscall);
		@@ -650,6 +653,10 @@ u32 seccomp_phase1(struct seccomp_data *sd)
		int this_syscall = sd ? sd->nr :
		syscall_get_nr(current, task_pt_regs(current));

		if (config_enabled(CONFIG_CHECKPOINT_RESTORE) &&
		unlikely(current->ptrace & PT_SUSPEND_SECCOMP))
		return SECCOMP_PHASE1_OK;

		switch (mode) {
		case SECCOMP_MODE_STRICT:
		__secure_computing_strict(this_syscall); /* may call do_exit */