| From 9fbd355d1aee5cda84e6c63a9d0822d18f74b819 Mon Sep 17 00:00:00 2001 |
| From: Sasha Levin <sashal@kernel.org> |
| Date: Mon, 15 Jun 2020 15:42:46 -0700 |
| Subject: seccomp: Fix ioctl number for SECCOMP_IOCTL_NOTIF_ID_VALID |
| |
| From: Kees Cook <keescook@chromium.org> |
| |
| [ Upstream commit 47e33c05f9f07cac3de833e531bcac9ae052c7ca ] |
| |
| When SECCOMP_IOCTL_NOTIF_ID_VALID was first introduced it had the wrong |
| direction flag set. While this isn't a big deal as nothing currently |
| enforces these bits in the kernel, it should be defined correctly. Fix |
| the define and provide support for the old command until it is no longer |
| needed for backward compatibility. |
| |
| Fixes: 6a21cc50f0c7 ("seccomp: add a return code to trap to userspace") |
| Signed-off-by: Kees Cook <keescook@chromium.org> |
| Signed-off-by: Sasha Levin <sashal@kernel.org> |
| --- |
| include/uapi/linux/seccomp.h | 3 ++- |
| kernel/seccomp.c | 9 +++++++++ |
| tools/testing/selftests/seccomp/seccomp_bpf.c | 2 +- |
| 3 files changed, 12 insertions(+), 2 deletions(-) |
| |
| diff --git a/include/uapi/linux/seccomp.h b/include/uapi/linux/seccomp.h |
| index c1735455bc536..965290f7dcc28 100644 |
| --- a/include/uapi/linux/seccomp.h |
| +++ b/include/uapi/linux/seccomp.h |
| @@ -123,5 +123,6 @@ struct seccomp_notif_resp { |
| #define SECCOMP_IOCTL_NOTIF_RECV SECCOMP_IOWR(0, struct seccomp_notif) |
| #define SECCOMP_IOCTL_NOTIF_SEND SECCOMP_IOWR(1, \ |
| struct seccomp_notif_resp) |
| -#define SECCOMP_IOCTL_NOTIF_ID_VALID SECCOMP_IOR(2, __u64) |
| +#define SECCOMP_IOCTL_NOTIF_ID_VALID SECCOMP_IOW(2, __u64) |
| + |
| #endif /* _UAPI_LINUX_SECCOMP_H */ |
| diff --git a/kernel/seccomp.c b/kernel/seccomp.c |
| index 55a6184f59903..63e283c4c58eb 100644 |
| --- a/kernel/seccomp.c |
| +++ b/kernel/seccomp.c |
| @@ -42,6 +42,14 @@ |
| #include <linux/uaccess.h> |
| #include <linux/anon_inodes.h> |
| |
| +/* |
| + * When SECCOMP_IOCTL_NOTIF_ID_VALID was first introduced, it had the |
| + * wrong direction flag in the ioctl number. This is the broken one, |
| + * which the kernel needs to keep supporting until all userspaces stop |
| + * using the wrong command number. |
| + */ |
| +#define SECCOMP_IOCTL_NOTIF_ID_VALID_WRONG_DIR SECCOMP_IOR(2, __u64) |
| + |
| enum notify_state { |
| SECCOMP_NOTIFY_INIT, |
| SECCOMP_NOTIFY_SENT, |
| @@ -1186,6 +1194,7 @@ static long seccomp_notify_ioctl(struct file *file, unsigned int cmd, |
| return seccomp_notify_recv(filter, buf); |
| case SECCOMP_IOCTL_NOTIF_SEND: |
| return seccomp_notify_send(filter, buf); |
| + case SECCOMP_IOCTL_NOTIF_ID_VALID_WRONG_DIR: |
| case SECCOMP_IOCTL_NOTIF_ID_VALID: |
| return seccomp_notify_id_valid(filter, buf); |
| default: |
| diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c |
| index c0aa46ce14f6c..c84c7b50331c6 100644 |
| --- a/tools/testing/selftests/seccomp/seccomp_bpf.c |
| +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c |
| @@ -180,7 +180,7 @@ struct seccomp_metadata { |
| #define SECCOMP_IOCTL_NOTIF_RECV SECCOMP_IOWR(0, struct seccomp_notif) |
| #define SECCOMP_IOCTL_NOTIF_SEND SECCOMP_IOWR(1, \ |
| struct seccomp_notif_resp) |
| -#define SECCOMP_IOCTL_NOTIF_ID_VALID SECCOMP_IOR(2, __u64) |
| +#define SECCOMP_IOCTL_NOTIF_ID_VALID SECCOMP_IOW(2, __u64) |
| |
| struct seccomp_notif { |
| __u64 id; |
| -- |
| 2.25.1 |
| |