Skip to content

Commit b37778b

Browse files
oleg-nesterovkees
oleg-nesterov
authored and
kees
committed
seccomp: fix the __secure_computing() stub for !HAVE_ARCH_SECCOMP_FILTER
Depending on CONFIG_HAVE_ARCH_SECCOMP_FILTER, __secure_computing(NULL) will crash or not. This is not consistent/safe, especially considering that after the previous change __secure_computing(sd) is always called with sd == NULL. Fortunately, if CONFIG_HAVE_ARCH_SECCOMP_FILTER=n, __secure_computing() has no callers, these architectures use secure_computing_strict(). Yet it make sense make __secure_computing(NULL) safe in this case. Note also that with this change we can unexport secure_computing_strict() and change the current callers to use __secure_computing(NULL). Fixes: 8cf8dfc ("seccomp: Stub for !HAVE_ARCH_SECCOMP_FILTER") Signed-off-by: Oleg Nesterov <[email protected]> Reviewed-by: Linus Walleij <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Kees Cook <[email protected]>
1 parent 0fe1ebf commit b37778b

File tree

2 files changed

+12
-10
lines changed

2 files changed

+12
-10
lines changed

include/linux/seccomp.h

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -22,8 +22,9 @@
2222
#include <linux/atomic.h>
2323
#include <asm/seccomp.h>
2424

25-
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
2625
extern int __secure_computing(const struct seccomp_data *sd);
26+
27+
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
2728
static inline int secure_computing(void)
2829
{
2930
if (unlikely(test_syscall_work(SECCOMP)))
@@ -32,11 +33,6 @@ static inline int secure_computing(void)
3233
}
3334
#else
3435
extern void secure_computing_strict(int this_syscall);
35-
static inline int __secure_computing(const struct seccomp_data *sd)
36-
{
37-
secure_computing_strict(sd->nr);
38-
return 0;
39-
}
4036
#endif
4137

4238
extern long prctl_get_seccomp(void);

kernel/seccomp.c

Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -29,13 +29,11 @@
2929
#include <linux/syscalls.h>
3030
#include <linux/sysctl.h>
3131

32+
#include <asm/syscall.h>
33+
3234
/* Not exposed in headers: strictly internal use only. */
3335
#define SECCOMP_MODE_DEAD (SECCOMP_MODE_FILTER + 1)
3436

35-
#ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER
36-
#include <asm/syscall.h>
37-
#endif
38-
3937
#ifdef CONFIG_SECCOMP_FILTER
4038
#include <linux/file.h>
4139
#include <linux/filter.h>
@@ -1074,6 +1072,14 @@ void secure_computing_strict(int this_syscall)
10741072
else
10751073
BUG();
10761074
}
1075+
int __secure_computing(const struct seccomp_data *sd)
1076+
{
1077+
int this_syscall = sd ? sd->nr :
1078+
syscall_get_nr(current, current_pt_regs());
1079+
1080+
secure_computing_strict(this_syscall);
1081+
return 0;
1082+
}
10771083
#else
10781084

10791085
#ifdef CONFIG_SECCOMP_FILTER

0 commit comments

Comments
 (0)