On Mon, Jun 20, 2016 at 9:29 AM, Andy Lutomirski <l...@kernel.org> wrote: > Setting TS_COMPAT in ptrace is wrong: if we happen to do it during > syscall entry, then we'll confuse seccomp and audit. (The former > isn't a security problem: seccomp is currently entirely insecure if a > malicious ptracer is attached.) As a minimal fix, this patch adds a > new flag TS_I386_REGS_POKED that handles the ptrace special case. > > Cc: Pedro Alves <pal...@redhat.com> > Cc: Oleg Nesterov <o...@redhat.com> > Cc: Kees Cook <keesc...@chromium.org> > Signed-off-by: Andy Lutomirski <l...@kernel.org>
In case you're interested, my draft followup (definitely not for x86/urgent) is: https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/vmap_stack&id=50d2f2a9fe1b Pedro, this appears to pass ptrace-tests. I need to try the 64-vs-32 thing, but it's intended to fix it for real. It may not work for in really exotic cases like gdb under UML, but I don't know if we can fix that even in principle. Some day we should expose syscall arch directly via ptrace. --Andy
