[Devel,rh7] seccomp, ptrace: Fix typo in filter fetching

Submitted by Kirill Gorkunov on Dec. 6, 2016, 2:59 p.m.

Details

Message ID 20161206145930.GA31181@uranus
State New
Series "seccomp, ptrace: Fix typo in filter fetching"
Headers show

Commit Message

Kirill Gorkunov Dec. 6, 2016, 2:59 p.m.
In commit 42b65fd18057d64410a0519962cd0650c762c99f there
is a typo: we need to copy the complete filter chain
not only first number.

https://jira.sw.ru/browse/PSBM-55593

CC: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
---

I am continue investigating the problem since tests
are not yet passed but this fix may be applied independently.

 kernel/seccomp.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch hide | download patch | download mbox

Index: linux-pcs7.git/kernel/seccomp.c
===================================================================
--- linux-pcs7.git.orig/kernel/seccomp.c
+++ linux-pcs7.git/kernel/seccomp.c
@@ -566,7 +566,7 @@  long seccomp_get_filter(struct task_stru
 	get_seccomp_filter(task);
 	spin_unlock_irq(&task->sighand->siglock);
 
-	if (copy_to_user(data, filter->insns, filter->len))
+	if (copy_to_user(data, filter->insns, filter->len * sizeof(filter->insns[0])))
 		ret = -EFAULT;
 
 	put_seccomp_filter(task);

Comments

Andrey Vagin Dec. 7, 2016, 8:37 a.m.
On Tue, Dec 06, 2016 at 05:59:30PM +0300, Cyrill Gorcunov wrote:
> In commit 42b65fd18057d64410a0519962cd0650c762c99f there
> is a typo: we need to copy the complete filter chain
> not only first number.
> 
> https://jira.sw.ru/browse/PSBM-55593
>

Acked-by: Andrey Vagin <avagin@openvz.org> 
> CC: Andrey Vagin <avagin@openvz.org>
> Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
> ---
> 
> I am continue investigating the problem since tests
> are not yet passed but this fix may be applied independently.
> 
>  kernel/seccomp.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> Index: linux-pcs7.git/kernel/seccomp.c
> ===================================================================
> --- linux-pcs7.git.orig/kernel/seccomp.c
> +++ linux-pcs7.git/kernel/seccomp.c
> @@ -566,7 +566,7 @@ long seccomp_get_filter(struct task_stru
>  	get_seccomp_filter(task);
>  	spin_unlock_irq(&task->sighand->siglock);
>  
> -	if (copy_to_user(data, filter->insns, filter->len))
> +	if (copy_to_user(data, filter->insns, filter->len * sizeof(filter->insns[0])))
>  		ret = -EFAULT;
>  
>  	put_seccomp_filter(task);