precise has wrong PTRACE_EVENT_SECCOMP value

Bug #1326905 reported by Kees Cook on 2014-06-05
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
High
Unassigned
Precise
High
Unassigned

Bug Description

In v3.2, there was confusion over the new "PTRACE_EVENT_EXIT" value. Ultimately, upstream fixed it, but in the precise backporting of seccomp, the wrong value was used: 5cdf389aee90109e2e3d88085dea4dd5508a3be7

As a result, seccomp filteres expecting ptrace managers don't work correctly on precise.

The attached patch backports the upstream PTRACE_EVENT_EXIT value and restores the correct PTRACE_EVENT_SECCOMP value.

SRU Justification:
Impact: seccomp filters using ptrace managers don't work on precise
Fix: fix ptrace flag numbering to match all other released kernel versions
Testcase: https://github.com/kees/seccomp/tree/ptrace

Kees Cook (kees) wrote :

Wrong:

$ cd /src/kernels/ubuntu/precise ; git grep PTRACE_EVENT_SECCOMP
...
include/linux/ptrace.h:#define PTRACE_EVENT_SECCOMP 8

Correct:

$ cd /src/kernels/ubuntu/trusty ; git grep PTRACE_EVENT_SECCOMP
...
include/uapi/linux/ptrace.h:#define PTRACE_EVENT_SECCOMP 7

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1326905

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Changed in linux (Ubuntu Precise):
status: New → Incomplete
tags: added: precise
Kees Cook (kees) on 2014-06-05
description: updated
Joseph Salisbury (jsalisbury) wrote :
Changed in linux (Ubuntu):
importance: Undecided → High
Changed in linux (Ubuntu Precise):
importance: Undecided → High
tags: added: kernel-da-key kernel-stable-key
Changed in linux (Ubuntu):
status: Incomplete → Triaged
Changed in linux (Ubuntu Precise):
status: Incomplete → Triaged
tags: added: patch
Brad Figg (brad-figg) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-precise' to 'verification-done-precise'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-precise
Kees Cook (kees) wrote :

I've confirmed this is fixed. Thanks!

$ cat /proc/version_signature
Ubuntu 3.2.0-65.98-generic 3.2.60
$ ./seccomp_bpf_tests
...
[ RUN ] TRACE.read_has_side_effects
[ OK ] TRACE.read_has_side_effects
[ RUN ] TRACE.getpid_runs_normally
[ OK ] TRACE.getpid_runs_normally
...

tags: added: verification-done-precise
removed: verification-needed-precise
Launchpad Janitor (janitor) wrote :
Download full text (7.2 KiB)

This bug was fixed in the package linux - 3.2.0-65.98

---------------
linux (3.2.0-65.98) precise; urgency=low

  [ Joseph Salisbury ]

  * Release Tracking Bug
    - LP: #1328620

  [ Kamal Mostafa ]

  * [Config] add debian/gbp.conf

  [ Upstream Kernel Changes ]

  * Revert "macvlan : fix checksums error when we are in bridge mode"
    - LP: #1328154
  * ptrace: renumber PTRACE_EVENT_STOP so that future new options and
    events can match
    - LP: #1326905
  * powerpc: Add vr save/restore functions
    - LP: #1328154
  * ACPI / EC: Clear stale EC events on Samsung systems
    - LP: #1328154
  * ACPI / EC: Process rather than discard events in acpi_ec_clear
    - LP: #1328154
  * tgafb: fix mode setting with fbset
    - LP: #1328154
  * netfilter: Can't fail and free after table replacement
    - LP: #1328154
  * tracepoint: Do not waste memory on mods with no tracepoints
    - LP: #1328154
  * l2tp: take PMTU from tunnel UDP socket
    - LP: #1328154
  * net: core: don't account for udp header size when computing seglen
    - LP: #1328154
  * bonding: Remove debug_fs files when module init fails
    - LP: #1328154
  * ipv6: Limit mtu to 65575 bytes
    - LP: #1328154
  * filter: prevent nla extensions to peek beyond the end of the message
    - LP: #1328154
  * tg3: update rx_jumbo_pending ring param only when jumbo frames are
    enabled
    - LP: #1328154
  * rtnetlink: Warn when interface's information won't fit in our packet
    - LP: #1328154
  * rtnetlink: Only supply IFLA_VF_PORTS information when RTEXT_FILTER_VF
    is set
    - LP: #1328154
  * bridge: Handle IFLA_ADDRESS correctly when creating bridge device
    - LP: #1328154
  * sctp: reset flowi4_oif parameter on route lookup
    - LP: #1328154
  * tcp_cubic: fix the range of delayed_ack
    - LP: #1328154
  * net: ipv4: ip_forward: fix inverted local_df test
    - LP: #1328154
  * ipv4: fib_semantics: increment fib_info_cnt after fib_info allocation
    - LP: #1328154
  * macvlan: Don't propagate IFF_ALLMULTI changes on down interfaces.
    - LP: #1328154
  * act_mirred: do not drop packets when fails to mirror it
    - LP: #1328154
  * ipv4: initialise the itag variable in __mkroute_input
    - LP: #1328154
  * skb: Add inline helper for getting the skb end offset from head
    - LP: #1328154
  * net-gro: reset skb->truesize in napi_reuse_skb()
    - LP: #1328154
  * rt2x00: fix beaconing on USB
    - LP: #1328154
  * Input: synaptics - add min/max quirk for ThinkPad Edge E431
    - LP: #1328154
  * drm/vmwgfx: Make sure user-space can't DMA across buffer object
    boundaries v2
    - LP: #1328154
  * Bluetooth: Fix redundant encryption request for reauthentication
    - LP: #1328154
  * Bluetooth: Add support for Lite-on [04ca:3007]
    - LP: #1328154
  * crypto: caam - add allocation failure handling in SPRINTFCAT macro
    - LP: #1328154
  * kvm: free resources after canceling async_pf
    - LP: #1328154
  * kvm: remove .done from struct kvm_async_pf
    - LP: #1328154
  * KVM: async_pf: mm->mm_users can not pin apf->mm
    - LP: #1328154
  * ftrace/module: Hardcode ftrace_module_init() call into load_module()
    - LP: #1328154
  * mpt2sas: Don't disable device twice...

Read more...

Changed in linux (Ubuntu Precise):
status: Triaged → Fix Released
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers