Re: [PATCH v2] x86/ptrace: Stop setting TS_COMPAT in ptrace code

From: Andy Lutomirski
Date: Mon Jun 20 2016 - 15:43:27 EST

Next message: Lars-Peter Clausen: "Re: [PATCH v2 4/5] ASoC: tpa6130a2: Add DAPM support"
Previous message: Helen Koike: "[PATCH] ALSA: hda - Remove compilation warning"
In reply to: Andy Lutomirski: "[PATCH v2] x86/ptrace: Stop setting TS_COMPAT in ptrace code"
Next in thread: Pedro Alves: "Re: [PATCH v2] x86/ptrace: Stop setting TS_COMPAT in ptrace code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jun 20, 2016 at 9:29 AM, Andy Lutomirski <luto@xxxxxxxxxx> wrote:
> Setting TS_COMPAT in ptrace is wrong: if we happen to do it during
> syscall entry, then we'll confuse seccomp and audit. (The former
> isn't a security problem: seccomp is currently entirely insecure if a
> malicious ptracer is attached.) As a minimal fix, this patch adds a
> new flag TS_I386_REGS_POKED that handles the ptrace special case.
>
> Cc: Pedro Alves <palves@xxxxxxxxxx>
> Cc: Oleg Nesterov <oleg@xxxxxxxxxx>
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxx>

In case you're interested, my draft followup (definitely not for x86/urgent) is:

https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/vmap_stack&id=50d2f2a9fe1b

Pedro, this appears to pass ptrace-tests. I need to try the 64-vs-32
thing, but it's intended to fix it for real. It may not work for in
really exotic cases like gdb under UML, but I don't know if we can fix
that even in principle.

Some day we should expose syscall arch directly via ptrace.

--Andy

Next message: Lars-Peter Clausen: "Re: [PATCH v2 4/5] ASoC: tpa6130a2: Add DAPM support"
Previous message: Helen Koike: "[PATCH] ALSA: hda - Remove compilation warning"
In reply to: Andy Lutomirski: "[PATCH v2] x86/ptrace: Stop setting TS_COMPAT in ptrace code"
Next in thread: Pedro Alves: "Re: [PATCH v2] x86/ptrace: Stop setting TS_COMPAT in ptrace code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]