git.baikalelectronics.ru Git - kernel.git/commit

author	Sargun Dhillon <sargun@sargun.me>
	Mon, 17 May 2021 19:39:06 +0000 (12:39 -0700)
committer	Kees Cook <keescook@chromium.org>
	Sat, 29 May 2021 18:13:27 +0000 (11:13 -0700)
commit	3bea7a7b7ce8342ceca58e173def0d4aa388a20f
tree	8f61a3077ef4e5a4310c4d19731fc7daa522d7cf	tree \| snapshot
parent	1da23e1654f91246718ba80ea1f8cb555d2d008a	commit \| diff

seccomp: Refactor notification handler to prepare for new semantics

This refactors the user notification code to have a do / while loop around
the completion condition. This has a small change in semantic, in that
previously we ignored addfd calls upon wakeup if the notification had been
responded to, but instead with the new change we check for an outstanding
addfd calls prior to returning to userspace.

Rodrigo Campos also identified a bug that can result in addfd causing
an early return, when the supervisor didn't actually handle the
syscall [1].

[1]: https://lore.kernel.org/lkml/20210413160151.3301-1-rodrigo@kinvolk.io/

Fixes: 8a331d6d37e3 ("seccomp: Introduce addfd ioctl to seccomp user notifier")
Signed-off-by: Sargun Dhillon <sargun@sargun.me>
Acked-by: Tycho Andersen <tycho@tycho.pizza>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Tested-by: Rodrigo Campos <rodrigo@kinvolk.io>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20210517193908.3113-3-sargun@sargun.me