From: ebiederm@xmission.com (Eric W. Biederman) To: Kyle Huey <me@kylehuey.com> Cc: open list <linux-kernel@vger.kernel.org>, Linus Torvalds <torvalds@linux-foundation.org>, Andrea Righi <andrea.righi@canonical.com>, Shuah Khan <shuah@kernel.org>, Alexei Starovoitov <ast@kernel.org>, Andy Lutomirski <luto@amacapital.net>, Will Drewry <wad@chromium.org>, "open list\:KERNEL SELFTEST FRAMEWORK" <linux-kselftest@vger.kernel.org>, bpf <bpf@vger.kernel.org>, linux-hardening@vger.kernel.org, "Robert O'Callahan" <rocallahan@gmail.com>, Kees Cook <keescook@chromium.org>, Oliver Sang <oliver.sang@intel.com>, lkp@lists.01.org, kbuild test robot <lkp@intel.com> Subject: Re: [PATCH 1/2] signal: Don't always set SA_IMMUTABLE for forced signals Date: Fri, 19 Nov 2021 09:03:56 -0600 [thread overview] Message-ID: <87r1bcp4pv.fsf@email.froward.int.ebiederm.org> (raw) In-Reply-To: <CAP045Aose7Lg_OE0-MijGBg27gWo+Sk3hbxuN3AtQ8OPC9w9+w@mail.gmail.com> (Kyle Huey's message of "Thu, 18 Nov 2021 17:13:52 -0800") Kyle Huey <me@kylehuey.com> writes: > On Thu, Nov 18, 2021 at 2:05 PM Eric W. Biederman <ebiederm@xmission.com> wrote: >> >> >> Recently to prevent issues with SECCOMP_RET_KILL and similar signals >> being changed before they are delivered SA_IMMUTABLE was added. >> >> Unfortunately this broke debuggers[1][2] which reasonably expect to be >> able to trap synchronous SIGTRAP and SIGSEGV even when the target >> process is not configured to handle those signals. >> >> Update force_sig_to_task to support both the case when we can >> allow the debugger to intercept and possibly ignore the >> signal and the case when it is not safe to let userspace >> known about the signal until the process has exited. > > s/known/know/ Fixed. >> Reported-by: Kyle Huey <me@kylehuey.com> >> Reported-by: kernel test robot <oliver.sang@intel.com> >> Cc: stable@vger.kernel.org >> [1] https://lkml.kernel.org/r/CAP045AoMY4xf8aC_4QU_-j7obuEPYgTcnQQP3Yxk=2X90jtpjw@mail.gmail.com >> [2] https://lkml.kernel.org/r/20211117150258.GB5403@xsang-OptiPlex-902 > > This link doesn't work. Shame. I missed a trailing 0, but unfortunately that request did not go to list that is archived on lore. I will keep the link on the chance the message winds up in a lore archive in the future. Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric W. Biederman <ebiederm@xmission.com> To: lkp@lists.01.org Subject: Re: [PATCH 1/2] signal: Don't always set SA_IMMUTABLE for forced signals Date: Fri, 19 Nov 2021 09:03:56 -0600 [thread overview] Message-ID: <87r1bcp4pv.fsf@email.froward.int.ebiederm.org> (raw) In-Reply-To: <CAP045Aose7Lg_OE0-MijGBg27gWo+Sk3hbxuN3AtQ8OPC9w9+w@mail.gmail.com> [-- Attachment #1: Type: text/plain, Size: 1313 bytes --] Kyle Huey <me@kylehuey.com> writes: > On Thu, Nov 18, 2021 at 2:05 PM Eric W. Biederman <ebiederm@xmission.com> wrote: >> >> >> Recently to prevent issues with SECCOMP_RET_KILL and similar signals >> being changed before they are delivered SA_IMMUTABLE was added. >> >> Unfortunately this broke debuggers[1][2] which reasonably expect to be >> able to trap synchronous SIGTRAP and SIGSEGV even when the target >> process is not configured to handle those signals. >> >> Update force_sig_to_task to support both the case when we can >> allow the debugger to intercept and possibly ignore the >> signal and the case when it is not safe to let userspace >> known about the signal until the process has exited. > > s/known/know/ Fixed. >> Reported-by: Kyle Huey <me@kylehuey.com> >> Reported-by: kernel test robot <oliver.sang@intel.com> >> Cc: stable(a)vger.kernel.org >> [1] https://lkml.kernel.org/r/CAP045AoMY4xf8aC_4QU_-j7obuEPYgTcnQQP3Yxk=2X90jtpjw(a)mail.gmail.com >> [2] https://lkml.kernel.org/r/20211117150258.GB5403(a)xsang-OptiPlex-902 > > This link doesn't work. Shame. I missed a trailing 0, but unfortunately that request did not go to list that is archived on lore. I will keep the link on the chance the message winds up in a lore archive in the future. Eric
next prev parent reply other threads:[~2021-11-19 15:04 UTC|newest] Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-11-17 18:47 [REGRESSION] 5.16rc1: SA_IMMUTABLE breaks debuggers Kyle Huey 2021-11-17 18:51 ` Kees Cook 2021-11-17 19:05 ` Kyle Huey 2021-11-17 19:09 ` Kyle Huey 2021-11-17 21:04 ` Eric W. Biederman 2021-11-17 21:54 ` Kees Cook 2021-11-17 23:24 ` Linus Torvalds 2021-11-18 0:05 ` Kees Cook 2021-11-18 0:15 ` Linus Torvalds 2021-11-18 0:37 ` Kyle Huey 2021-11-18 1:11 ` Linus Torvalds 2021-11-18 1:20 ` Kyle Huey 2021-11-18 1:32 ` Kees Cook 2021-11-18 16:10 ` Eric W. Biederman 2021-11-19 16:07 ` Kyle Huey 2021-11-19 16:35 ` Kees Cook 2021-11-19 16:58 ` Kyle Huey 2021-11-18 21:58 ` [PATCH 0/2] SA_IMMUTABLE fixes Eric W. Biederman 2021-11-18 21:58 ` Eric W. Biederman 2021-11-18 22:04 ` [PATCH 1/2] signal: Don't always set SA_IMMUTABLE for forced signals Eric W. Biederman 2021-11-18 22:04 ` Eric W. Biederman 2021-11-18 23:52 ` Kees Cook 2021-11-18 23:52 ` Kees Cook 2021-11-18 23:54 ` Kees Cook 2021-11-18 23:54 ` Kees Cook 2021-11-19 15:08 ` Eric W. Biederman 2021-11-19 15:08 ` Eric W. Biederman 2021-11-19 1:13 ` Kyle Huey 2021-11-19 1:13 ` Kyle Huey 2021-11-19 15:03 ` Eric W. Biederman [this message] 2021-11-19 15:03 ` Eric W. Biederman 2021-11-18 22:05 ` [PATCH 2/2] signal: Replace force_fatal_sig with force_exit_sig when in doubt Eric W. Biederman 2021-11-18 22:05 ` Eric W. Biederman 2021-11-18 23:53 ` Kees Cook 2021-11-18 23:53 ` Kees Cook 2021-11-19 1:12 ` [PATCH 0/2] SA_IMMUTABLE fixes Kyle Huey 2021-11-19 1:12 ` Kyle Huey 2021-11-19 15:41 ` [GIT PULL] SA_IMMUTABLE fixes for v5.16-rc2 Eric W. Biederman 2021-11-19 15:41 ` Eric W. Biederman 2021-11-19 19:46 ` pr-tracker-bot 2021-11-19 19:46 ` pr-tracker-bot 2021-11-17 22:29 ` [REGRESSION] 5.16rc1: SA_IMMUTABLE breaks debuggers Kyle Huey 2021-11-18 5:43 ` Thorsten Leemhuis 2021-11-20 6:13 ` Thorsten Leemhuis
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=87r1bcp4pv.fsf@email.froward.int.ebiederm.org \ --to=ebiederm@xmission.com \ --cc=andrea.righi@canonical.com \ --cc=ast@kernel.org \ --cc=bpf@vger.kernel.org \ --cc=keescook@chromium.org \ --cc=linux-hardening@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-kselftest@vger.kernel.org \ --cc=lkp@intel.com \ --cc=lkp@lists.01.org \ --cc=luto@amacapital.net \ --cc=me@kylehuey.com \ --cc=oliver.sang@intel.com \ --cc=rocallahan@gmail.com \ --cc=shuah@kernel.org \ --cc=torvalds@linux-foundation.org \ --cc=wad@chromium.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.