← Back to team overview

kernel-packages team mailing list archive

[Bug 1496073] [NEW] Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO

 

Public bug reported:

The seccomp regression tests are failing due to SRU kernels not having
the relevant commit:

Author: Kees Cook <keescook@xxxxxxxxxxxx>
Date:   Tue Feb 17 13:48:00 2015 -0800

    seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO

    The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
    when setting errno during a SECCOMP_RET_ERRNO filter action.  This makes
    sure we have a reliable value being set, so that an invalid errno will not
    be ignored by userspace.

    Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
    Reported-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
    Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
    Cc: Will Drewry <wad@xxxxxxxxxxxx>
    Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
    Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>

SRU Justification

    Impact:
        Upstream regression tests are reporting errors.

    Test Case:
        Run the upstream regression tests and verify they are passing
        cleanly.

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: Brad Figg (brad-figg)
         Status: In Progress

** Changed in: linux (Ubuntu)
       Status: New => Triaged

** Changed in: linux (Ubuntu)
       Status: Triaged => In Progress

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => Brad Figg (brad-figg)

** Description changed:

  The seccomp regression tests are failing due to SRU kernels not having
  the relevant commit:
  
  Author: Kees Cook <keescook@xxxxxxxxxxxx>
  Date:   Tue Feb 17 13:48:00 2015 -0800
  
-     seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO
-     
-     The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
-     when setting errno during a SECCOMP_RET_ERRNO filter action.  This makes
-     sure we have a reliable value being set, so that an invalid errno will not
-     be ignored by userspace.
-     
-     Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
-     Reported-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
-     Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
-     Cc: Will Drewry <wad@xxxxxxxxxxxx>
-     Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
-     Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
+     seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO
+ 
+     The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
+     when setting errno during a SECCOMP_RET_ERRNO filter action.  This makes
+     sure we have a reliable value being set, so that an invalid errno will not
+     be ignored by userspace.
+ 
+     Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
+     Reported-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
+     Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
+     Cc: Will Drewry <wad@xxxxxxxxxxxx>
+     Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
+     Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
+ 
+ SRU Justification
+ 
+     Impact:
+         Upstream regression tests are reporting errors.
+ 
+     Test Case:
+         Run the upstream regression tests and verify they are passing
+         cleanly.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1496073

Title:
  Request cherry-pick of upstream kernel patch which caps
  SECCOMP_RET_ERRNO to MAX_ERRNO

Status in linux package in Ubuntu:
  In Progress

Bug description:
  The seccomp regression tests are failing due to SRU kernels not having
  the relevant commit:

  Author: Kees Cook <keescook@xxxxxxxxxxxx>
  Date:   Tue Feb 17 13:48:00 2015 -0800

      seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO

      The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
      when setting errno during a SECCOMP_RET_ERRNO filter action.  This makes
      sure we have a reliable value being set, so that an invalid errno will not
      be ignored by userspace.

      Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
      Reported-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
      Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
      Cc: Will Drewry <wad@xxxxxxxxxxxx>
      Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
      Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>

  SRU Justification

      Impact:
          Upstream regression tests are reporting errors.

      Test Case:
          Run the upstream regression tests and verify they are passing
          cleanly.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions


Follow ups