On Fri, Apr 12, 2019 at 11:07:11AM -0600, shuah wrote:
> On 4/12/19 9:25 AM, Tycho Andersen wrote:
> > On Thu, Apr 11, 2019 at 04:56:31PM -0700, Kees Cook wrote:
> > > When running without USERNS or PIDNS the seccomp test would hang since
> > > it was waiting forever for the child to trigger the user notification
> > > since it seems the glibc() abort handler makes a call to getpid(),
> > > which would trap again. This changes the getpid filter to getppid, and
> > > makes sure ASSERTs execute to stop from spawning the listener.
> > >
> > > Reported-by: Shuah Khan <shuah@xxxxxxxxxx>
> > > Fixes: 6a21cc50f0c7 ("seccomp: add a return code to trap to userspace")
> > > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
> >
> > Sorry for the delay, thanks for looking at this!
> >
> > Reviewed-by: Tycho Andersen <tycho@xxxxxxxx>
> >
>
> Thanks both. Should it go into stables. I will pull this and
> add stable if that is appropriate.
Yes, for 5.0+ that sounds good.
Thanks!
Tycho
