Date: Tue, 14 Jun 2016 10:57:29 -0700
From: Kees Cook
To: James Morris
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Andy Lutomirski, Kees Cook
Subject: [PULL] seccomp update (next)
Message-ID: <20160614175729.GA20816@www.outflux.net>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi,

Please pull these seccomp changes for next. These have been tested by
myself and Andy, and close a long-standing issue with seccomp where
tracers could change the syscall out from under seccomp.

Thanks!

-Kees

The following changes since commit 40d273782ff16fe1a7445cc05c66a447dfea3433:

  security: tomoyo: simplify the gc kthread creation (2016-06-06 20:23:55 +1000)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/seccomp-next

for you to fetch changes up to 26703c636c1f3272b39bd0f6d04d2e970984f1b6:

  um/ptrace: run seccomp after ptrace (2016-06-14 10:54:47 -0700)

----------------------------------------------------------------
Fix seccomp vs ptrace ordering to plug syscall filter bypass issue.

----------------------------------------------------------------
Andy Lutomirski (2):
      seccomp: Add a seccomp_data parameter secure_computing()
      x86/entry: Get rid of two-phase syscall entry work

Kees Cook (12):
      seccomp: add tests for ptrace hole
      seccomp: remove 2-phase API
      seccomp: recheck the syscall after RET_TRACE
      x86/ptrace: run seccomp after ptrace
      arm/ptrace: run seccomp after ptrace
      arm64/ptrace: run seccomp after ptrace
      MIPS/ptrace: run seccomp after ptrace
      parisc/ptrace: run seccomp after ptrace
      s390/ptrace: run seccomp after ptrace
      powerpc/ptrace: run seccomp after ptrace
      tile/ptrace: run seccomp after ptrace
      um/ptrace: run seccomp after ptrace

 arch/arm/kernel/ptrace.c                      |  13 +-
 arch/arm64/kernel/ptrace.c                    |   8 +-
 arch/mips/kernel/ptrace.c                     |   9 +-
 arch/parisc/kernel/ptrace.c                   |   9 +-
 arch/powerpc/kernel/ptrace.c                  |  46 +++----
 arch/s390/kernel/ptrace.c                     |  21 ++-
 arch/tile/kernel/ptrace.c                     |  11 +-
 arch/um/kernel/skas/syscall.c                 |   9 +-
 arch/x86/entry/common.c                       | 106 +++------------
 arch/x86/entry/vsyscall/vsyscall_64.c         |   2 +-
 arch/x86/include/asm/ptrace.h                 |   6 -
 include/linux/seccomp.h                       |  14 +-
 kernel/seccomp.c                              | 144 ++++++++------------
 tools/testing/selftests/seccomp/seccomp_bpf.c | 176 ++++++++++++++++++++++++--
 14 files changed, 309 insertions(+), 265 deletions(-)

-- 
Kees Cook
Chrome OS & Brillo Security
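The hole this series closes is easiest to see with a tracer in hand: a filter admits getpid, seccomp runs and says "allow", and then the ptrace syscall-entry stop lets the tracer overwrite the syscall number with one the filter forbids. Before the series the kernel executed the rewritten syscall without re-consulting the filter; with "run seccomp after ptrace" (and the RET_TRACE recheck) the filter judges the number the tracer left behind. The probe below is an added example written for this note, not the series' own selftest (that lives in tools/testing/selftests/seccomp/seccomp_bpf.c per the diffstat). It assumes x86_64 Linux (it reads and writes orig_rax and checks AUDIT_ARCH_X86_64); the getpid/getppid pair, the SECCOMP_RET_ERRNO(EPERM) policy, and the names run_ptrace_rewrite_probe, tracee, tracer and install_filter are choices made here, not kernel API. The filter returns EPERM rather than killing so that the outcome is observable from the child's exit status.

```c
/* Added example, not kernel code. x86_64 Linux only (orig_rax, AUDIT_ARCH_X86_64). */
#define _GNU_SOURCE
#include <errno.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

/* Probe outcome; the tracee also uses it as its exit status. */
enum probe_result { PROBE_ENFORCED = 0, PROBE_BYPASSED = 1, PROBE_UNSUPPORTED = 2 };

#if defined(__x86_64__)
/* Filter: allow everything except getppid, which fails with EPERM. */
static int install_filter(void)
{
    struct sock_filter filter[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AUDIT_ARCH_X86_64, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_getppid, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { .len = sizeof(filter) / sizeof(filter[0]), .filter = filter };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Tracee: issue the allowed getpid; the tracer rewrites it into the forbidden getppid. */
static void tracee(void)
{
    long real_ppid = getppid();   /* learned before the filter forbids it */
    if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) || install_filter())
        _exit(PROBE_UNSUPPORTED);
    raise(SIGSTOP);               /* hand control to the tracer */
    errno = 0;
    long ret = syscall(SYS_getpid);
    if (ret == -1 && errno == EPERM)
        _exit(PROBE_ENFORCED);    /* seccomp judged the rewritten syscall */
    if (ret == real_ppid)
        _exit(PROBE_BYPASSED);    /* getppid ran although the filter forbids it */
    _exit(PROBE_UNSUPPORTED);     /* the syscall was never rewritten */
}

/* Tracer: at every syscall-entry stop, turn getpid into getppid. */
static enum probe_result tracer(pid_t child)
{
    int status;
    struct user_regs_struct regs;
    if (waitpid(child, &status, 0) < 0 || !WIFSTOPPED(status))
        return PROBE_UNSUPPORTED;  /* tracee died in setup: no ptrace or no seccomp here */
    ptrace(PTRACE_SETOPTIONS, child, NULL, (void *)(long)PTRACE_O_TRACESYSGOOD);
    for (;;) {
        if (ptrace(PTRACE_SYSCALL, child, NULL, NULL) || waitpid(child, &status, 0) < 0)
            return PROBE_UNSUPPORTED;
        if (WIFEXITED(status)) {
            int code = WEXITSTATUS(status);
            return code > PROBE_UNSUPPORTED ? PROBE_UNSUPPORTED : (enum probe_result)code;
        }
        if (!WIFSTOPPED(status) || WSTOPSIG(status) != (SIGTRAP | 0x80))
            continue;              /* signal stop, not a syscall stop */
        if (ptrace(PTRACE_GETREGS, child, NULL, &regs))
            return PROBE_UNSUPPORTED;
        /* At syscall entry rax still holds -ENOSYS; at exit it holds the result. */
        if ((long)regs.rax == -ENOSYS && regs.orig_rax == SYS_getpid) {
            regs.orig_rax = SYS_getppid;
            if (ptrace(PTRACE_SETREGS, child, NULL, &regs))
                return PROBE_UNSUPPORTED;
        }
    }
}
#endif

enum probe_result run_ptrace_rewrite_probe(void)
{
#if defined(__x86_64__)
    pid_t child = fork();
    if (child == 0)
        tracee();
    return child < 0 ? PROBE_UNSUPPORTED : tracer(child);
#else
    return PROBE_UNSUPPORTED;
#endif
}

int main(void)
{
    static const char *const names[] = { "enforced", "BYPASSED", "unsupported" };
    enum probe_result r = run_ptrace_rewrite_probe();
    printf("ptrace syscall rewrite under seccomp: %s\n", names[r]);
    return r;
}
```

Build with `gcc -Wall -O2 -o seccomp_ptrace_probe seccomp_ptrace_probe.c` and run it unprivileged. On a kernel carrying this series the rewritten syscall is rejected with EPERM and the probe reports "enforced" (exit 0); on a kernel with the old seccomp-before-ptrace ordering getppid runs and it reports "BYPASSED" (exit 1); where ptrace or seccomp filters are unavailable, for instance in a restricted container, it reports "unsupported" (exit 2) rather than guessing. The syscall-entry stop is recognised by rax still holding -ENOSYS, which the x86_64 entry path stores before any entry work runs; that is also why the tracer only ever rewrites at entry and never touches an exit stop.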