kybaaz/linux-xiaomi-chiron
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

seccomp updates for v5.19-rc1

Browse source 
- Rework USER_NOTIF notification ordering and kill logic (Sargun Dhillon)
 
 - Improved PTRACE_O_SUSPEND_SECCOMP selftest (Jann Horn)
 
 - Gracefully handle failed unshare() in selftests (Yang Guang)
 
 - Spelling fix (Colin Ian King)
 -----BEGIN PGP SIGNATURE-----
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmKL3PcWHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJv6PD/0TQeV6brFi+m98nQpASx/gaBL2
 c/0IgjBBVeA3CWjfN25gogIiFc8sKzs0hVnFkQt0JX6wgvqKAvU3ZCpVUoF4U4KB
 yznJQgzU66bvw/t+Sy6eSuZTN9bYzS+nWjczpwtRmcfzLLRtODN//9Hbz+2j9zdX
 VJzbfy4pGpiiZ25ZxbKDhu9P8WFTjaC7bohI5/+RG/cLEPOR9xTdNBOHBksk6VYm
 dRy9gT6v6BwF66APs1DylL+xVTSxsjymd0hvtRUn4R6+GHCZ8tlwgUFkb5oKEmki
 qCoxpj0a+EZ3Z8WAtbOJJYixB/MwK9vAxNqjcIyGbdhXvj2mZ3YRNu03araMQh+N
 9vJdsfScu6401Hk+di40X0voSFwoMyheGu51tbT1El2DC0JLSZBsYceb/zSxyM7s
 KFVU7Is2pKj1UsxHoj8ielhJHOw8h0prdQmyMydaapTD/MXH3WKT/PFoT+oGG9IN
 2MCpwz2U1VQmpn5bqdXlesTRRfOTGwUhI+hrDGAnnE+d2P+K/Ujoyq4ZDmP87aYP
 fCM0fQi+BGj3F6XDwKnpdg/qTLZInwRg2ZChQlky/DR+PIaTavSjBZcfvc0IKzhd
 vaFM80tNXl5BXZN0c9foCrU+s0ErdNVC00qs/EdpjTGAqSySnEkuPNq0/DmbLF67
 e8puOuFCkYHFQgPz5A==
 =KxfK
 -----END PGP SIGNATURE-----

Merge tag 'seccomp-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull seccomp updates from Kees Cook:

 - Rework USER_NOTIF notification ordering and kill logic (Sargun
   Dhillon)

 - Improved PTRACE_O_SUSPEND_SECCOMP selftest (Jann Horn)

 - Gracefully handle failed unshare() in selftests (Yang Guang)

 - Spelling fix (Colin Ian King)

* tag 'seccomp-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  selftests/seccomp: Fix spelling mistake "Coud" -> "Could"
  selftests/seccomp: Add test for wait killable notifier
  selftests/seccomp: Refactor get_proc_stat to split out file reading code
  seccomp: Add wait_killable semantic to seccomp user notifier
  selftests/seccomp: Ensure that notifications come in FIFO order
  seccomp: Use FIFO semantics to order notifications
  selftests/seccomp: Add SKIP for failed unshare()
  selftests/seccomp: Test PTRACE_O_SUSPEND_SECCOMP without CAP_SYS_ADMIN
This commit is contained in:
Linus Torvalds 2022-05-24 12:37:24 -07:00
commit dc8af1ffd6
6 changed files with 482 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
include/uapi/linux/seccomp.h
View file

@ -23,6 +23,8 @@
#define SECCOMP_FILTER_FLAG_SPEC_ALLOW (1UL << 2)
#define SECCOMP_FILTER_FLAG_NEW_LISTENER (1UL << 3)
#define SECCOMP_FILTER_FLAG_TSYNC_ESRCH (1UL << 4)
/* Received notifications wait in killable state (only respond to fatal signals) */
#define SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV (1UL << 5)
/*
* All BPF programs must return a 32-bit value.