From patchwork Thu Jun 9 21:01:58 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 633203 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3rQdT26DpYz9sdn for ; Fri, 10 Jun 2016 07:18:30 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.b=TOieIH50; dkim-atps=neutral Received: from ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 3rQdT2525hzDqPS for ; Fri, 10 Jun 2016 07:18:30 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.b=TOieIH50; dkim-atps=neutral X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Received: from mail-pa0-x22d.google.com (mail-pa0-x22d.google.com [IPv6:2607:f8b0:400e:c03::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3rQd6Z339bzDqPF for ; Fri, 10 Jun 2016 07:02:30 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.b=TOieIH50; dkim-atps=neutral Received: by mail-pa0-x22d.google.com with SMTP id ec8so16603271pac.0 for ; Thu, 09 Jun 2016 14:02:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Agt+T1/d29QO4JpwlHHaurvkgf9FYvFYMHxfUADfL1w=; b=TOieIH50V8TaKK8ZuBMDxMLwv+S1AggGqzfHhs77Ud3yMxkQOplGu57NXixe6WFVtF 1NJ0dW/cxaCm5d22bXHtNSkRfVYIZbUtiy5KfOhFEv4QTJWInThQS8GHivTxMzeZtVHK m6PqCwj385USDVV2JRydE6l0vN+rJKEZzaCAM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Agt+T1/d29QO4JpwlHHaurvkgf9FYvFYMHxfUADfL1w=; b=KWYjfIQYdoqDo84PSedRakerlCAyW7LjSilitp/FN/HSfA6J1qVp/WYqgmjOKs4xTn a+voX5AHHuDC3+4sk73Hg6fq8tNUMjVmmBoEiKqL7Zap1eJY2Tr/rSpeXVyXkcEt0kZK Nlrb3s+jWSTw+ikLmvWRB+mP4ciacx0xlHDOqNgMgIfEWg1NFaVgBw95sbMyrY6wlzhn 4OEO3Pe7VEbucWemXtTWkpOdBJYaiwk4C9mntR1r/8f+kyGok4e5PnwEqCXasyhEYPHd z0UvExTqLje0RDiEQbw70jsTw6I+0BKfhA6PPBPyQLtH6NhkfSSp57ABT6Hfs4ZPhQA8 3yng== X-Gm-Message-State: ALyK8tIQohkpqttFJ/bEnEYQ3Qf8nVOhQK8lg+lSVzfHyKWBjER5e6RCrOP94lj0+IYsAipm X-Received: by 10.66.25.231 with SMTP id f7mr14574389pag.65.1465506148523; Thu, 09 Jun 2016 14:02:28 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id l129sm12265904pfc.5.2016.06.09.14.02.27 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 09 Jun 2016 14:02:27 -0700 (PDT) From: Kees Cook To: linux-kernel@vger.kernel.org Subject: [PATCH 08/14] arm64/ptrace: run seccomp after ptrace Date: Thu, 9 Jun 2016 14:01:58 -0700 Message-Id: <1465506124-21866-9-git-send-email-keescook@chromium.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1465506124-21866-1-git-send-email-keescook@chromium.org> References: <1465506124-21866-1-git-send-email-keescook@chromium.org> X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Mark Rutland , linux-mips@linux-mips.org, Catalin Marinas , Heiko Carstens , Russell King , Paul Mackerras , Chris Metcalf , linux-arch@vger.kernel.org, linux-s390@vger.kernel.org, Helge Deller , x86@kernel.org, "James E.J. Bottomley" , James Hogan , Kees Cook , user-mode-linux-devel@lists.sourceforge.net, Will Deacon , Jeff Dike , Andy Lutomirski , linux-arm-kernel@lists.infradead.org, linux-parisc@vger.kernel.org, Ralf Baechle , Richard Weinberger , Martin Schwidefsky , "Maciej W. Rozycki" , linuxppc-dev@lists.ozlabs.org MIME-Version: 1.0 Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" Close the hole where ptrace can change a syscall out from under seccomp. Signed-off-by: Kees Cook Cc: Catalin Marinas Cc: Will Deacon Cc: Mark Rutland Cc: linux-arm-kernel@lists.infradead.org --- arch/arm64/kernel/ptrace.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index 6e2cf046615d..602316c97a47 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -1246,13 +1246,13 @@ static void tracehook_report_syscall(struct pt_regs *regs, asmlinkage int syscall_trace_enter(struct pt_regs *regs) { - /* Do the secure computing check first; failures should be fast. */ - if (secure_computing(NULL) == -1) - return -1; - if (test_thread_flag(TIF_SYSCALL_TRACE)) tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER); + /* Do the secure computing after ptrace; failures should be fast. */ + if (secure_computing(NULL) == -1) + return -1; + if (test_thread_flag(TIF_SYSCALL_TRACEPOINT)) trace_sys_enter(regs, regs->syscallno);