If an application tries to install a seccomp filter using
prctl(PR_SET_SECCOMP), the filter is likely for the target instead of the host
architecture. This will probably cause qemu to be immediately killed when it
executes another syscall.
Prevent this from happening by returning EINVAL from both seccomp prctl
calls. This is the error returned by the kernel when seccomp support is
disabled.
Fixes: https://bugs.launchpad.net/qemu/+bug/1726394
Signed-off-by: James Cowgill <james.cowgill@mips.com>
---
Changes from v1:
- add comment
linux-user/syscall.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index d4497dec5d..419991e834 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -10482,6 +10482,12 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
break;
}
#endif
+ case PR_GET_SECCOMP:
+ case PR_SET_SECCOMP:
+ /* Disable seccomp to prevent the target disabling syscalls we
+ * need. */
+ ret = -TARGET_EINVAL;
+ break;
default:
/* Most prctl options have no pointer arguments */
ret = get_errno(prctl(arg1, arg2, arg3, arg4, arg5));
--
2.15.0
Le 06/11/2017 à 19:03, James Cowgill a écrit : > If an application tries to install a seccomp filter using > prctl(PR_SET_SECCOMP), the filter is likely for the target instead of the host > architecture. This will probably cause qemu to be immediately killed when it > executes another syscall. > > Prevent this from happening by returning EINVAL from both seccomp prctl > calls. This is the error returned by the kernel when seccomp support is > disabled. > > Fixes: https://bugs.launchpad.net/qemu/+bug/1726394 > Signed-off-by: James Cowgill <james.cowgill@mips.com> > --- > Changes from v1: > - add comment > > linux-user/syscall.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/linux-user/syscall.c b/linux-user/syscall.c > index d4497dec5d..419991e834 100644 > --- a/linux-user/syscall.c > +++ b/linux-user/syscall.c > @@ -10482,6 +10482,12 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1, > break; > } > #endif > + case PR_GET_SECCOMP: > + case PR_SET_SECCOMP: > + /* Disable seccomp to prevent the target disabling syscalls we > + * need. */ > + ret = -TARGET_EINVAL; > + break; > default: > /* Most prctl options have no pointer arguments */ > ret = get_errno(prctl(arg1, arg2, arg3, arg4, arg5)); > Reviewed-by: Laurent Vivier <laurent@vivier.eu>
On Mon, Nov 06, 2017 at 06:03:51PM +0000, James Cowgill wrote: > If an application tries to install a seccomp filter using > prctl(PR_SET_SECCOMP), the filter is likely for the target instead of the host > architecture. This will probably cause qemu to be immediately killed when it > executes another syscall. > > Prevent this from happening by returning EINVAL from both seccomp prctl > calls. This is the error returned by the kernel when seccomp support is > disabled. Thanks, applied to linux-user > Fixes: https://bugs.launchpad.net/qemu/+bug/1726394 > Signed-off-by: James Cowgill <james.cowgill@mips.com> > --- > Changes from v1: > - add comment > > linux-user/syscall.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/linux-user/syscall.c b/linux-user/syscall.c > index d4497dec5d..419991e834 100644 > --- a/linux-user/syscall.c > +++ b/linux-user/syscall.c > @@ -10482,6 +10482,12 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1, > break; > } > #endif > + case PR_GET_SECCOMP: > + case PR_SET_SECCOMP: > + /* Disable seccomp to prevent the target disabling syscalls we > + * need. */ > + ret = -TARGET_EINVAL; > + break; > default: > /* Most prctl options have no pointer arguments */ > ret = get_errno(prctl(arg1, arg2, arg3, arg4, arg5)); > -- > 2.15.0 > >
© 2016 - 2024 Red Hat, Inc.