Commit 5c38065e authored Mar 22, 2016 by Andy Lutomirski Committed by Linus Torvalds Mar 22, 2016

seccomp: check in_compat_syscall, not is_compat_task, in strict mode



Seccomp wants to know the syscall bitness, not the caller task bitness,
when it selects the syscall whitelist.

As far as I know, this makes no difference on any architecture, so it's
not a security problem.  (It generates identical code everywhere except
sparc, and, on sparc, the syscall numbering is the same for both ABIs.)

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

parent 203f7907

kernel/seccomp.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -395,7 +395,7 @@ seccomp_prepare_user_filter(const char __user *user_filter)
		struct seccomp_filter *filter = ERR_PTR(-EFAULT);

		#ifdef CONFIG_COMPAT
		if (is_compat_task()) {
		if (in_compat_syscall()) {
		struct compat_sock_fprog fprog32;
		if (copy_from_user(&fprog32, user_filter, sizeof(fprog32)))
		goto out;
		@@ -529,7 +529,7 @@ static void __secure_computing_strict(int this_syscall)
		{
		int *syscall_whitelist = mode1_syscalls;
		#ifdef CONFIG_COMPAT
		if (is_compat_task())
		if (in_compat_syscall())
		syscall_whitelist = mode1_syscalls_32;
		#endif
		do {

Admin message