diff options
| author | James Morris <james.l.morris@oracle.com> | 2016-01-27 18:53:54 -0500 |
|---|---|---|
| committer | James Morris <james.l.morris@oracle.com> | 2016-01-27 18:53:54 -0500 |
| commit | 1c1ecf172a4616cd8567182b99efa7a5df77f5d2 (patch) | |
| tree | 21d99ac3a8314fc513b6e58831d6e169d337e17d | |
| parent | eee045021fb22aeac7f5d6f2092430b530c880ee (diff) | |
| parent | 103502a35cfce0710909da874f092cb44823ca03 (diff) | |
Merge tag 'seccomp-4.5-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into for-linus
| -rw-r--r-- | kernel/seccomp.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/kernel/seccomp.c b/kernel/seccomp.c index 580ac2d4024f..15a1795bbba1 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c | |||
| @@ -316,24 +316,24 @@ static inline void seccomp_sync_threads(void) | |||
| 316 | put_seccomp_filter(thread); | 316 | put_seccomp_filter(thread); |
| 317 | smp_store_release(&thread->seccomp.filter, | 317 | smp_store_release(&thread->seccomp.filter, |
| 318 | caller->seccomp.filter); | 318 | caller->seccomp.filter); |
| 319 | |||
| 320 | /* | ||
| 321 | * Don't let an unprivileged task work around | ||
| 322 | * the no_new_privs restriction by creating | ||
| 323 | * a thread that sets it up, enters seccomp, | ||
| 324 | * then dies. | ||
| 325 | */ | ||
| 326 | if (task_no_new_privs(caller)) | ||
| 327 | task_set_no_new_privs(thread); | ||
| 328 | |||
| 319 | /* | 329 | /* |
| 320 | * Opt the other thread into seccomp if needed. | 330 | * Opt the other thread into seccomp if needed. |
| 321 | * As threads are considered to be trust-realm | 331 | * As threads are considered to be trust-realm |
| 322 | * equivalent (see ptrace_may_access), it is safe to | 332 | * equivalent (see ptrace_may_access), it is safe to |
| 323 | * allow one thread to transition the other. | 333 | * allow one thread to transition the other. |
| 324 | */ | 334 | */ |
| 325 | if (thread->seccomp.mode == SECCOMP_MODE_DISABLED) { | 335 | if (thread->seccomp.mode == SECCOMP_MODE_DISABLED) |
| 326 | /* | ||
| 327 | * Don't let an unprivileged task work around | ||
| 328 | * the no_new_privs restriction by creating | ||
| 329 | * a thread that sets it up, enters seccomp, | ||
| 330 | * then dies. | ||
| 331 | */ | ||
| 332 | if (task_no_new_privs(caller)) | ||
| 333 | task_set_no_new_privs(thread); | ||
| 334 | |||
| 335 | seccomp_assign_mode(thread, SECCOMP_MODE_FILTER); | 336 | seccomp_assign_mode(thread, SECCOMP_MODE_FILTER); |
| 336 | } | ||
| 337 | } | 337 | } |
| 338 | } | 338 | } |
| 339 | 339 | ||