MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-10-22 23:13:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,321,951 Commits 589 Branches 4,509 Tags 4.3 GiB
C 97.5%
Assembly 1%
Shell 0.6%
Python 0.3%
Makefile 0.3%
Other 0.1%
dadf1f4423
Go to file
Johannes Nixdorf dadf1f4423 seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast 
[ Upstream commit cce436aafc2abad691fdd37de63ec8a4490b42ce ]

Normally the tracee starts in SECCOMP_NOTIFY_INIT, sends an
event to the tracer, and starts to wait interruptibly. With
SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV, if the tracer receives the
message (SECCOMP_NOTIFY_SENT is reached) while the tracee was waiting
and is subsequently interrupted, the tracee begins to wait again
uninterruptibly (but killable).

This fails if SECCOMP_NOTIFY_REPLIED is reached before the tracee
is interrupted, as the check only considered SECCOMP_NOTIFY_SENT as a
condition to begin waiting again. In this case the tracee is interrupted
even though the tracer already acted on its behalf. This breaks the
assumption SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV wanted to ensure,
namely that the tracer can be sure the syscall is not interrupted or
restarted on the tracee after it is received on the tracer. Fix this
by also considering SECCOMP_NOTIFY_REPLIED when evaluating whether to
switch to uninterruptible waiting.

With the condition changed the loop in seccomp_do_user_notification()
would exit immediately after deciding that noninterruptible waiting
is required if the operation already reached SECCOMP_NOTIFY_REPLIED,
skipping the code that processes pending addfd commands first. Prevent
this by executing the remaining loop body one last time in this case.

Fixes: c2aa2dfef2 ("seccomp: Add wait_killable semantic to seccomp user notifier")
Reported-by: Ali Polatel <alip@chesswob.org>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220291
Signed-off-by: Johannes Nixdorf <johannes@nixdorf.dev>
Link: https://lore.kernel.org/r/20250725-seccomp-races-v2-1-cf8b9d139596@nixdorf.dev
Signed-off-by: Kees Cook <kees@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-10-15 11:59:54 +02:00
arch KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O 2025-10-12 12:57:19 +02:00
block block: add a queue_limits_commit_update_frozen helper 2025-09-09 18:58:24 +02:00
certs sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3 2024-09-20 19:52:48 +03:00
crypto crypto: rng - Ensure set_ent is always present 2025-10-12 12:57:19 +02:00
Documentation platform/x86: lg-laptop: Fix WMAB call in fan_mode_store() 2025-10-02 13:44:12 +02:00
drivers staging: axis-fifo: flush RX FIFO on read errors 2025-10-12 12:57:19 +02:00
fs netfs: Prevent duplicate unlocking 2025-10-12 12:57:17 +02:00
include filelock: add FL_RECLAIM to show_fl_flags() macro 2025-10-15 11:59:53 +02:00
init init: INITRAMFS_PRESERVE_MTIME should depend on BLK_DEV_INITRD 2025-10-15 11:59:53 +02:00
io_uring io_uring: fix incorrect io_kiocb reference in io_link_skb 2025-09-25 11:13:49 +02:00
ipc ipc: fix to protect IPCS lookups using RCU 2025-06-27 11:11:22 +01:00
kernel seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast 2025-10-15 11:59:54 +02:00
lib lib/sbitmap: convert shallow_depth from one word to the whole sbitmap 2025-08-20 18:30:49 +02:00
LICENSES LICENSES: add 0BSD license text 2024-09-01 20:43:24 -07:00
mm mm: swap: check for stable address space before operating on the VMA 2025-10-06 11:17:52 +02:00
net net/9p: fix double req put in p9_fd_cancelled 2025-10-12 12:57:19 +02:00
rust rust: block: fix srctree/ links 2025-10-12 12:57:16 +02:00
samples ftrace/samples: Fix function size computation 2025-09-19 16:35:44 +02:00
scripts gcc-plugins: Remove TODO_verify_il for GCC >= 16 2025-10-06 11:17:52 +02:00
security apparmor: Fix 8-byte alignment for initial dfa blob streams 2025-08-28 16:30:56 +02:00
sound ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free 2025-10-12 12:57:18 +02:00
tools perf subcmd: avoid crash in exclude_cmds when excludes is empty 2025-10-12 12:57:16 +02:00
usr kbuild: hdrcheck: fix cross build with clang 2025-03-13 13:02:18 +01:00
virt KVM: Allow CPU to reschedule while setting per-page memory attributes 2025-07-17 18:37:08 +02:00
.clang-format clang-format: Update with v6.11-rc1's for_each macro list 2024-08-02 13:20:31 +02:00
.clippy.toml rust: give Clippy the minimum supported Rust version 2025-08-01 09:48:44 +01:00
.cocciconfig
.editorconfig
.get_maintainer.ignore
.gitattributes
.gitignore rust: introduce .clippy.toml 2025-03-13 13:01:42 +01:00
.mailmap mailmap: add entry for Thorsten Blum 2024-11-07 14:14:59 -08:00
.rustfmt.toml
COPYING
CREDITS MAINTAINERS: Remove self from DSA entry 2024-11-03 12:52:38 -08:00
Kbuild
Kconfig
MAINTAINERS MAINTAINERS: Update Alexey Makhalov's email address 2025-05-22 14:29:46 +02:00
Makefile Linux 6.12.52 2025-10-12 12:57:19 +02:00
README

README

Linux kernel

There are several guides for kernel developers and users. These guides can be rendered in a number of formats, like HTML and PDF. Please read Documentation/admin-guide/README.rst first.

In order to build the documentation, use make htmldocs or make pdfdocs. The formatted documentation can also be read online at:

https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory, several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the requirements for building and running the kernel, and information about the problems which may result by upgrading your kernel.