Commit 972939e2 authored by Mickaël Salaün's avatar Mickaël Salaün Committed by Kees Cook

um/ptrace: Fix the syscall_trace_leave call

Keep the same semantic as before the commit 26703c63: deallocate
audit context and fake a proper syscall exit.

This fix a kernel panic triggered by the seccomp_bpf test:
> [ RUN      ] global.ERRNO_valid
> BUG: failure at kernel/auditsc.c:1504/__audit_syscall_entry()!
> Kernel panic - not syncing: BUG!

Fixes: 26703c63 ("um/ptrace: run seccomp after ptrace")
Signed-off-by: default avatarMickaël Salaün <mic@digikod.net>
Acked-by: default avatarKees Cook <keescook@chromium.org>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Cc: James Morris <jmorris@namei.org>
Cc: user-mode-linux-devel@lists.sourceforge.net
Signed-off-by: default avatarJames Morris <james.l.morris@oracle.com>
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
parent d060e0f6
...@@ -21,11 +21,11 @@ void handle_syscall(struct uml_pt_regs *r) ...@@ -21,11 +21,11 @@ void handle_syscall(struct uml_pt_regs *r)
PT_REGS_SET_SYSCALL_RETURN(regs, -ENOSYS); PT_REGS_SET_SYSCALL_RETURN(regs, -ENOSYS);
if (syscall_trace_enter(regs)) if (syscall_trace_enter(regs))
return; goto out;
/* Do the seccomp check after ptrace; failures should be fast. */ /* Do the seccomp check after ptrace; failures should be fast. */
if (secure_computing(NULL) == -1) if (secure_computing(NULL) == -1)
return; goto out;
/* Update the syscall number after orig_ax has potentially been updated /* Update the syscall number after orig_ax has potentially been updated
* with ptrace. * with ptrace.
...@@ -37,5 +37,6 @@ void handle_syscall(struct uml_pt_regs *r) ...@@ -37,5 +37,6 @@ void handle_syscall(struct uml_pt_regs *r)
PT_REGS_SET_SYSCALL_RETURN(regs, PT_REGS_SET_SYSCALL_RETURN(regs,
EXECUTE_SYSCALL(syscall, regs)); EXECUTE_SYSCALL(syscall, regs));
out:
syscall_trace_leave(regs); syscall_trace_leave(regs);
} }
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment