kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #134973
[Bug 1496073] [NEW] Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
Public bug reported:
The seccomp regression tests are failing due to SRU kernels not having
the relevant commit:
Author: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Tue Feb 17 13:48:00 2015 -0800
seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO
The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
when setting errno during a SECCOMP_RET_ERRNO filter action. This makes
sure we have a reliable value being set, so that an invalid errno will not
be ignored by userspace.
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Reported-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
Cc: Will Drewry <wad@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
SRU Justification
Impact:
Upstream regression tests are reporting errors.
Test Case:
Run the upstream regression tests and verify they are passing
cleanly.
** Affects: linux (Ubuntu)
Importance: Undecided
Assignee: Brad Figg (brad-figg)
Status: In Progress
** Changed in: linux (Ubuntu)
Status: New => Triaged
** Changed in: linux (Ubuntu)
Status: Triaged => In Progress
** Changed in: linux (Ubuntu)
Assignee: (unassigned) => Brad Figg (brad-figg)
** Description changed:
The seccomp regression tests are failing due to SRU kernels not having
the relevant commit:
Author: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Tue Feb 17 13:48:00 2015 -0800
- seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO
-
- The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
- when setting errno during a SECCOMP_RET_ERRNO filter action. This makes
- sure we have a reliable value being set, so that an invalid errno will not
- be ignored by userspace.
-
- Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
- Reported-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
- Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Cc: Will Drewry <wad@xxxxxxxxxxxx>
- Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
- Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
+ seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO
+
+ The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
+ when setting errno during a SECCOMP_RET_ERRNO filter action. This makes
+ sure we have a reliable value being set, so that an invalid errno will not
+ be ignored by userspace.
+
+ Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
+ Reported-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
+ Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
+ Cc: Will Drewry <wad@xxxxxxxxxxxx>
+ Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
+ Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
+
+ SRU Justification
+
+ Impact:
+ Upstream regression tests are reporting errors.
+
+ Test Case:
+ Run the upstream regression tests and verify they are passing
+ cleanly.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1496073
Title:
Request cherry-pick of upstream kernel patch which caps
SECCOMP_RET_ERRNO to MAX_ERRNO
Status in linux package in Ubuntu:
In Progress
Bug description:
The seccomp regression tests are failing due to SRU kernels not having
the relevant commit:
Author: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Tue Feb 17 13:48:00 2015 -0800
seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO
The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO
when setting errno during a SECCOMP_RET_ERRNO filter action. This makes
sure we have a reliable value being set, so that an invalid errno will not
be ignored by userspace.
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Reported-by: Dmitry V. Levin <ldv@xxxxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
Cc: Will Drewry <wad@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
SRU Justification
Impact:
Upstream regression tests are reporting errors.
Test Case:
Run the upstream regression tests and verify they are passing
cleanly.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions
Follow ups
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Launchpad Bug Tracker, 2016-04-05
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Launchpad Bug Tracker, 2016-04-05
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Launchpad Bug Tracker, 2016-04-05
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Launchpad Bug Tracker, 2016-04-05
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Brad Figg, 2016-03-28
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Kamal Mostafa, 2016-03-21
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Kamal Mostafa, 2016-03-03
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Kamal Mostafa, 2016-03-03
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Brad Figg, 2016-03-01
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Launchpad Bug Tracker, 2015-10-20
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Brad Figg, 2015-10-12
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Luis Henriques, 2015-10-08
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Launchpad Bug Tracker, 2015-10-07
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Brad Figg, 2015-10-05
-
[Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
From: Brad Figg, 2015-09-15