seccomp: recheck the syscall after RET_TRACE
author Kees Cook <keescook@chromium.org>
Thu, 2 Jun 2016 02:29:15 +0000 (19:29 -0700)
committer Kees Cook <keescook@chromium.org>
Tue, 14 Jun 2016 17:54:41 +0000 (10:54 -0700)
commit ce6526e8afa4b6ad0ab134a4cc50c9c863319637
tree c3074e4661ee9432faf518fd2eef8527c5811730
parent 8112c4f140fa03f9ee68aad2cc79afa7df5418d3
seccomp: recheck the syscall after RET_TRACE

When RET_TRACE triggers, a tracer may change a syscall into something that
should be filtered by seccomp. This re-runs seccomp after a trace event
to make sure things continue to pass.

Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Andy Lutomirski <luto@kernel.org>
kernel/seccomp.c
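
The behaviour the commit message describes, as a user-space model added here for illustration. It is not the kernel code from this commit: the syscall numbers, the policy, the tracer callbacks and the function names are all constructed, and treating a second trace result during the recheck as "allowed" is an assumption of the model.

```c
#include <stdio.h>

/* Constructed model values; not real syscall numbers or seccomp return codes. */
enum action { ACT_ALLOW, ACT_TRACE, ACT_DENY };
enum { NR_A = 1, NR_B = 2, NR_BLOCKED = 3 };

/* Hypothetical policy: NR_A runs, NR_B is handed to the tracer, the rest is denied. */
static enum action filter(int nr)
{
    switch (nr) {
    case NR_A: return ACT_ALLOW;
    case NR_B: return ACT_TRACE;
    default:   return ACT_DENY;
    }
}

/* A tracer is modelled as a callback that returns the syscall number to run. */
typedef int (*tracer_fn)(int nr);
static int tracer_keep(int nr)       { return nr; }
static int tracer_to_a(int nr)       { (void)nr; return NR_A; }
static int tracer_to_blocked(int nr) { (void)nr; return NR_BLOCKED; }

/* Returns the syscall number that would execute, or -1 if it is blocked.
 * recheck == 0 models the old behaviour, recheck == 1 the behaviour the
 * commit message describes (filter re-run after the trace event). */
static int run_syscall(int nr, tracer_fn tracer, int recheck)
{
    enum action act = filter(nr);

    if (act == ACT_DENY)
        return -1;
    if (act == ACT_ALLOW)
        return nr;

    nr = tracer(nr);        /* trace event: the tracer may rewrite the syscall */
    if (!recheck)
        return nr;          /* old: whatever the tracer chose runs unfiltered */

    /* new: the rewritten syscall must pass the filter too (model assumption:
     * a second ACT_TRACE is accepted, since the tracer has already seen it) */
    return filter(nr) == ACT_DENY ? -1 : nr;
}

int main(void)
{
    printf("no recheck: %d\n", run_syscall(NR_B, tracer_to_blocked, 0));
    printf("recheck:    %d\n", run_syscall(NR_B, tracer_to_blocked, 1));
    return 0;
}
```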