Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp326086pxb; Mon, 16 Aug 2021 06:22:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwQ4k9SNkQ22X/0c469+S2jIrmU9Kd3vs1HMqLezjEd3L/3dXkUNTd/+dh92jrWbTe4AVlj X-Received: by 2002:a05:6402:5249:: with SMTP id t9mr17444718edd.260.1629120170510; Mon, 16 Aug 2021 06:22:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1629120170; cv=none; d=google.com; s=arc-20160816; b=Doe6cnZ8yvwd15A4ItUT3ni7SxHqN5DsrtA0iYu0JDf7yC3FeCiqZYswOcJE4m82lj JQ0Gj4a8H5tni5nPNM2gH9EtLf1+HjSG2hqSTCBZ9Oft4UvOBnfSjNRnQMdFFI1v35kk gKQWp7t4uyBajcuVFNOHpCtvYzho6DZMB23Og4RTveymM0rjim7+V32DP/PUl1StfkJy Zlk1NDjt1eW0Z/EFMtWMgU3z09dr72dl7jlbZjclhlobbEr2pFT7BKm7AbYi+zoWLOkE QSvRLEIl6ia3iv2LSdxVMLXmFKgWRh4U/4BwG8D5FSNyjUsqszUtxLuhDBnqUaPeq2ZR Y59A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=50i76kqtb3x04djbXhFgRyAI1lWgQC6zXsAMvwQ8d9Q=; b=XJuj6JVKYUGlUTUE8P0zlasvLiaJlTNCfX0ON9xmxD4jA50GJQKWzJEJmN8OftKuK0 5DNAKhSdK1CJkx0gb/Myr5irKkPPaQUdYRGGxPoNWsAifkMjN3pG9YKOrIhQmFCg00Uq lMQAImy9J+bmQSimJDuWvh1DwJBxyqSI6CHhfQuFOBrdmvctSQUKEXRZHGXS7JRii45m Kc2fHABCU/xBujqQTM+szSX1MYZfDutX2tLS3J36Aoo5a25O0UV2VTXzx6hNVBlOsrtm /YjXhXdd2YCXF0pnM1dZ2TKBiRkczSJS/O59Jz3kdDb7df/bEvG0HBHHU09vXkgsI2CN 5DNw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=KziZRwrF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id ga2si10955121ejc.213.2021.08.16.06.22.27; Mon, 16 Aug 2021 06:22:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=KziZRwrF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239857AbhHPNVX (ORCPT + 99 others); Mon, 16 Aug 2021 09:21:23 -0400 Received: from mail.kernel.org ([198.145.29.99]:37180 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237520AbhHPNNE (ORCPT ); Mon, 16 Aug 2021 09:13:04 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 7A19E632C0; Mon, 16 Aug 2021 13:10:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1629119447; bh=tJRxt6R0nDizbvrBIJUeMhQ+idTbHvZENKG3Jn2g5G4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KziZRwrFW3eEOtKjOYJnrBBJg9MMe0eEMprehROo7B7OFNSEkXJGWxEFBeExEdXFa slEiBraYFoIUBpJTw39xbgbKZUOe27jCJLFcQg5+84n1o1xWpjNTCHnKo3ICEgLew8 D6bi1WA6eufzfwgiv/i34633uh2WTtxXmnT6yYdI= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Hsuan-Chi Kuo , Wiktor Garbacz , Kees Cook Subject: [PATCH 5.13 022/151] seccomp: Fix setting loaded filter count during TSYNC Date: Mon, 16 Aug 2021 15:00:52 +0200 Message-Id: <20210816125444.801772013@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210816125444.082226187@linuxfoundation.org> References: <20210816125444.082226187@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Hsuan-Chi Kuo commit b4d8a58f8dcfcc890f296696cadb76e77be44b5f upstream. The desired behavior is to set the caller's filter count to thread's. This value is reported via /proc, so this fixes the inaccurate count exposed to userspace; it is not used for reference counting, etc. Signed-off-by: Hsuan-Chi Kuo Link: https://lore.kernel.org/r/20210304233708.420597-1-hsuanchikuo@gmail.com Co-developed-by: Wiktor Garbacz Signed-off-by: Wiktor Garbacz Link: https://lore.kernel.org/lkml/20210810125158.329849-1-wiktorg@google.com Signed-off-by: Kees Cook Cc: stable@vger.kernel.org Fixes: c818c03b661c ("seccomp: Report number of loaded filters in /proc/$pid/status") Signed-off-by: Greg Kroah-Hartman --- kernel/seccomp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/kernel/seccomp.c +++ b/kernel/seccomp.c @@ -602,7 +602,7 @@ static inline void seccomp_sync_threads( smp_store_release(&thread->seccomp.filter, caller->seccomp.filter); atomic_set(&thread->seccomp.filter_count, - atomic_read(&thread->seccomp.filter_count)); + atomic_read(&caller->seccomp.filter_count)); /* * Don't let an unprivileged task work around