git.baikalelectronics.ru Git - kernel.git/commit

author	Sargun Dhillon <sargun@sargun.me>
	Mon, 17 May 2021 19:39:06 +0000 (12:39 -0700)
committer	Kees Cook <keescook@chromium.org>
	Sat, 29 May 2021 18:13:27 +0000 (11:13 -0700)
commit	79935155b09e12168c5bdf9d3fa92c28cc3a1032
tree	8f61a3077ef4e5a4310c4d19731fc7daa522d7cf	tree \| snapshot
parent	1f442b4ace96c48f25a472dd129c962e088e3978	commit \| diff

seccomp: Refactor notification handler to prepare for new semantics

This refactors the user notification code to have a do / while loop around
the completion condition. This has a small change in semantic, in that
previously we ignored addfd calls upon wakeup if the notification had been
responded to, but instead with the new change we check for an outstanding
addfd calls prior to returning to userspace.

Rodrigo Campos also identified a bug that can result in addfd causing
an early return, when the supervisor didn't actually handle the
syscall [1].

[1]: https://lore.kernel.org/lkml/20210413160151.3301-1-rodrigo@kinvolk.io/

Fixes: 947201f43996 ("seccomp: Introduce addfd ioctl to seccomp user notifier")
Signed-off-by: Sargun Dhillon <sargun@sargun.me>
Acked-by: Tycho Andersen <tycho@tycho.pizza>
Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Tested-by: Rodrigo Campos <rodrigo@kinvolk.io>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20210517193908.3113-3-sargun@sargun.me