Re: [PATCH 0/3] signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE

From: Eric W. Biederman
Date: Thu Feb 10 2022 - 13:18:03 EST

Next message: David Ahern: "Re: [PATCH] Generate netlink notification when default IPv6 route preference changes"
Previous message: Mark Brown: "Re: [PATCH v2 0/9] ASoC: SOF: IPC client infrastructure"
In reply to: Kees Cook: "[PATCH 2/3] seccomp: Invalidate seccomp mode to catch death failures"
Next in thread: Kees Cook: "Re: [PATCH 0/3] signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Kees Cook <keescook@xxxxxxxxxxxx> writes:

> Hi,
>
> This fixes the signal refactoring to actually kill unkillable processes
> when receiving a fatal SIGSYS from seccomp. Thanks to Robert for the
> report and Eric for the fix! I've also tweaked seccomp internal a bit to
> fail more safely. This was a partial seccomp bypass, in the sense that
> SECCOMP_RET_KILL_* didn't kill the process, but it didn't bypass other
> aspects of the filters. (i.e. the syscall was still blocked, etc.)

Any luck on figuring out how to suppress the extra event?
>
> I'll be sending this to Linus after a bit more testing...
>
> Thanks,
>
> -Kees
>
> Kees Cook (3):
> signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE
> seccomp: Invalidate seccomp mode to catch death failures
> samples/seccomp: Adjust sample to also provide kill option
>
> kernel/seccomp.c | 10 ++++++++++
> kernel/signal.c | 5 +++--
> samples/seccomp/dropper.c | 9 +++++++--
> 3 files changed, 20 insertions(+), 4 deletions(-)

Eric

Next message: David Ahern: "Re: [PATCH] Generate netlink notification when default IPv6 route preference changes"
Previous message: Mark Brown: "Re: [PATCH v2 0/9] ASoC: SOF: IPC client infrastructure"
In reply to: Kees Cook: "[PATCH 2/3] seccomp: Invalidate seccomp mode to catch death failures"
Next in thread: Kees Cook: "Re: [PATCH 0/3] signal: HANDLER_EXIT should clear SIGNAL_UNKILLABLE"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]