From: Tycho Andersen
To: Kees Cook
Cc: Andy Lutomirski, Oleg Nesterov, "Eric W. Biederman", "Serge E. Hallyn", Christian Brauner, Tyler Hicks, Akihiro Suda, Aleksa Sarai, Jann Horn, linux-kernel@vger.kernel.org, containers@lists.linux-foundation.org, linux-api@vger.kernel.org, Tycho Andersen
Subject: [PATCH v9 1/4] seccomp: hoist struct seccomp_data recalculation higher
Date: Sun, 2 Dec 2018 20:28:24 -0700
Message-Id: <20181203032827.27978-2-tycho@tycho.ws>
In-Reply-To: <20181203032827.27978-1-tycho@tycho.ws>
References: <20181203032827.27978-1-tycho@tycho.ws>

In the next patch, we're going to use the sd pointer passed to __seccomp_filter() as the data to pass to userspace. Except that in some cases (__seccomp_filter(SECCOMP_RET_TRACE), emulate_vsyscall(), every time seccomp is invoked on power, etc.) the sd pointer will be NULL in order to force seccomp to recompute the register data. Previously this recomputation happened one level lower, in seccomp_run_filters(); this patch just moves it up a level higher to __seccomp_filter().

Thanks Oleg for spotting this.

Signed-off-by: Tycho Andersen
CC: Kees Cook
CC: Andy Lutomirski
CC: Oleg Nesterov
CC: Eric W. Biederman
CC: "Serge E. Hallyn"
CC: Christian Brauner
CC: Tyler Hicks
CC: Akihiro Suda
--- kernel/seccomp.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/kernel/seccomp.c b/kernel/seccomp.c index f2ae2324c232..96afc32e041d 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c 
@@ -188,7 +188,6 @@ static int seccomp_check_filter(struct sock_filter *filter, unsigned int flen) static u32 seccomp_run_filters(const struct seccomp_data *sd, struct seccomp_filter **match) { - struct seccomp_data sd_local; u32 ret = SECCOMP_RET_ALLOW; /* Make sure cross-thread synced filter points somewhere sane. */ struct seccomp_filter *f = @@ -198,11 +197,6 @@ static u32 seccomp_run_filters(const struct seccomp_data *sd, if (WARN_ON(f == NULL)) return SECCOMP_RET_KILL_PROCESS; - if (!sd) { - populate_seccomp_data(&sd_local); - sd = &sd_local; - } - /* * All filters in the list are evaluated and the lowest BPF return * value always takes priority (ignoring the DATA). @@ -658,6 +652,7 @@ static int __seccomp_filter(int this_syscall, const struct seccomp_data *sd, u32 filter_ret, action; struct seccomp_filter *match = NULL; int data; + struct seccomp_data sd_local; /* * Make sure that any changes to mode from another thread have @@ -665,6 +660,11 @@ static int __seccomp_filter(int this_syscall, const struct seccomp_data *sd, */ rmb(); + if (!sd) { + populate_seccomp_data(&sd_local); + sd = &sd_local; + } + filter_ret = seccomp_run_filters(sd, &match); data = filter_ret & SECCOMP_RET_DATA; action = filter_ret & SECCOMP_RET_ACTION_FULL; -- 2.19.1
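
Review bot: in the second seccomp_run_filters() hunk (@@ -198,11 +197,6 @@), dropping the `if (!sd)` fallback turns a non-NULL sd into an unstated precondition of the function, and nothing in the visible change documents or checks it. Since the function already guards its other input with `if (WARN_ON(f == NULL))`, consider either updating the function's comment to say sd must be valid on entry or adding a matching sanity check, so a future caller that passes NULL fails loudly instead of handing a NULL pointer to the filters.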
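
Review bot: the `if (!sd)` block added to __seccomp_filter() after rmb() carries no comment explaining when sd is NULL, although the commit message lists the cases (the SECCOMP_RET_TRACE recheck, emulate_vsyscall(), power). A short comment above the check naming those callers would keep the reason next to the code. Also note that after `sd = &sd_local;` the pointer refers to __seccomp_filter()'s own stack, so anything the following patch does with sd has to finish before this function returns; that constraint is worth stating where sd_local is declared.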