-
Andrea Arcangeli authored
This is the same issue as ppc64 before, when returning to userland we shouldn't re-compute the seccomp check or the task could be killed during sigreturn when orig_eax is overwritten by the sigreturn syscall. This was found by Roland. This was harmless from a security standpoint, but some i686 users reported failures with auditing enabled system wide (some distro surprisingly makes it the default) and I reproduced it too by keeping the whole workload under strace -f. Patch is tested and works for me under strace -f. nobody@athlon:~/cpushare> strace -o /tmp/o -f python seccomp_test.py make: Nothing to be done for `seccomp_test'. Starting computing some malicious bytecode init load start stop receive_data failure kill exit_code 0 signal 9 The malicious bytecode has been killed successfully by seccomp Starting computing some safe bytecode init load start stop 174 counts kill exit_code 0 signal 0 The seccomp_test.py completed successfully, thank you for testing. (akpm: collaterally cleaned up a bit of do_syscall_trace() too) Signed-off-by:
Andrea Arcangeli <andrea@cpushare.com> Signed-off-by:
Andrew Morton <akpm@osdl.org> Signed-off-by:
Linus Torvalds <torvalds@osdl.org>
4c7fc722
