[PATCH 11/14] s390/ptrace: run seccomp after ptrace

Martin Schwidefsky schwidefsky at de.ibm.com
Fri Jun 10 20:51:58 AEST 2016


On Thu,  9 Jun 2016 14:02:01 -0700
Kees Cook <keescook at chromium.org> wrote:

> Close the hole where ptrace can change a syscall out from under seccomp.
> 
> Signed-off-by: Kees Cook <keescook at chromium.org>
> Cc: Heiko Carstens <heiko.carstens at de.ibm.com>
> Cc: Martin Schwidefsky <schwidefsky at de.ibm.com>
> Cc: linux-s390 at vger.kernel.org
> ---
>  arch/s390/kernel/ptrace.c | 21 +++++++++------------
>  1 file changed, 9 insertions(+), 12 deletions(-)

If the change in semantics in regard to the audit of skipped system calls
is acceptable, the modified s390 arch code is ok.

-- 
blue skies,
   Martin.

"Reality continues to ruin my life." - Calvin.



More information about the Linuxppc-dev mailing list