github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-06 05:27:07 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
607d3aab73
linux/kernel
History
Jann Horn 5a41a3033a ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE 
commit ee1fee9005 upstream.

Setting PTRACE_O_SUSPEND_SECCOMP is supposed to be a highly privileged
operation because it allows the tracee to completely bypass all seccomp
filters on kernels with CONFIG_CHECKPOINT_RESTORE=y. It is only supposed to
be settable by a process with global CAP_SYS_ADMIN, and only if that
process is not subject to any seccomp filters at all.

However, while these permission checks were done on the PTRACE_SETOPTIONS
path, they were missing on the PTRACE_SEIZE path, which also sets
user-specified ptrace flags.

Move the permissions checks out into a helper function and let both
ptrace_attach() and ptrace_setoptions() call it.

Cc: stable@kernel.org
Fixes: 13c4a90119 ("seccomp: add ptrace options for suspend/resume")
Signed-off-by: Jann Horn <jannh@google.com>
Link: https://lkml.kernel.org/r/20220319010838.1386861-1-jannh@google.com
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-04-08 14:39:50 +02:00
..
bpf bpf: Add schedule points in batch ops 2022-03-02 11:42:49 +01:00
cgroup cgroup-v1: Correct privileges check in release_agent writes 2022-03-28 09:57:08 +02:00
configs
debug
dma swiotlb: fix info leak with DMA_FROM_DEVICE 2022-04-08 14:39:46 +02:00
entry
events perf: Fix list corruption in perf_cgroup_switch() 2022-02-16 12:54:31 +01:00
gcov
irq
kcsan
livepatch
locking locking/lockdep: Avoid potential access of invalid memory in lock_class 2022-04-08 14:39:48 +02:00
power PM: s2idle: ACPI: Fix wakeup interrupts handling 2022-02-16 12:54:22 +01:00
printk printk/console: Allow to disable console output by using console="" or console=null 2021-11-12 14:58:33 +01:00
rcu rcu: Don't deboost before reporting expedited quiescent state 2022-03-28 09:57:10 +02:00
sched sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa() 2022-03-08 19:09:34 +01:00
time clocksource: Avoid accidental unstable marking of clocksources 2022-01-27 10:54:06 +01:00
trace tracing: Ensure trace buffer is at least 4096 bytes large 2022-03-16 14:16:00 +01:00
.gitignore
acct.c
async.c Revert "module, async: async_synchronize_full() on module init iff async is used" 2022-02-23 12:01:00 +01:00
audit_fsnotify.c
audit_tree.c
audit_watch.c
audit.c audit: improve audit queue handling when "audit=1" on cmdline 2022-02-08 18:30:34 +01:00
audit.h
auditfilter.c
auditsc.c
backtracetest.c
bounds.c
capability.c
compat.c
configs.c
context_tracking.c
cpu_pm.c
cpu.c sched/scs: Reset task stack state in bringup_cpu() 2021-12-01 09:19:08 +01:00
crash_core.c
crash_dump.c
cred.c
delayacct.c
dma.c
exec_domain.c
exit.c
extable.c
fail_function.c
fork.c copy_process(): Move fd_install() out of sighand->siglock critical section 2022-02-23 12:01:08 +01:00
freezer.c
futex.c
gen_kheaders.sh
groups.c
hung_task.c
iomem.c
irq_work.c
jump_label.c
kallsyms.c
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c
kexec_core.c
kexec_elf.c
kexec_file.c
kexec_internal.h
kexec.c
kheaders.c
kmod.c
kprobes.c kprobes: Limit max data_size of the kretprobe instances 2021-12-08 09:03:20 +01:00
ksysfs.c
kthread.c
latencytop.c
Makefile
module_signature.c
module_signing.c
module-internal.h
module.c Revert "module, async: async_synchronize_full() on module init iff async is used" 2022-02-23 12:01:00 +01:00
notifier.c
nsproxy.c
padata.c
panic.c
params.c
pid_namespace.c
pid.c
profile.c
ptrace.c ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE 2022-04-08 14:39:50 +02:00
range.c
reboot.c
regset.c
relay.c
resource.c
rseq.c
scftorture.c
scs.c
seccomp.c
signal.c signal: Remove the bogus sigkill_pending in ptrace_stop 2021-11-18 14:03:47 +01:00
smp.c
smpboot.c
smpboot.h
softirq.c
stackleak.c gcc-plugins/stackleak: Use noinstr in favor of notrace 2022-02-23 12:01:00 +01:00
stacktrace.c
static_call.c
stop_machine.c
sys_ni.c
sys.c
sysctl-test.c
sysctl.c x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting 2022-03-11 12:11:49 +01:00
task_work.c
taskstats.c
test_kprobes.c
torture.c
tracepoint.c
tsacct.c taskstats: Cleanup the use of task->exit_code 2022-01-27 10:54:33 +01:00
ucount.c
uid16.c
uid16.h
umh.c
up.c
user_namespace.c
user-return-notifier.c
user.c
usermode_driver.c
utsname_sysctl.c
utsname.c
watch_queue.c watch_queue: Fix filter limit check 2022-03-16 14:16:03 +01:00
watchdog_hld.c
watchdog.c
workqueue_internal.h
workqueue.c workqueue: Fix unbind_workers() VS wq_worker_running() race 2022-01-16 09:14:22 +01:00