On Wed, Jun 25, 2014 at 11:07 AM, Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
> On 06/24, Kees Cook wrote:
>>
>> +static void copy_seccomp(struct task_struct *p)
>> +{
>> +#ifdef CONFIG_SECCOMP
>> +	/*
>> +	 * Must be called with sighand->lock held, which is common to
>> +	 * all threads in the group. Regardless, nothing special is
>> +	 * needed for the child since it is not yet in the tasklist.
>> +	 */
>> +	BUG_ON(!spin_is_locked(&current->sighand->siglock));
>> +
>> +	get_seccomp_filter(current);
>> +	p->seccomp = current->seccomp;
>> +
>> +	if (p->seccomp.mode != SECCOMP_MODE_DISABLED)
>> +		set_tsk_thread_flag(p, TIF_SECCOMP);
>> +#endif
>> +}
>
> Wait. But what about no_new_privs? We should copy it as well...
>
> Perhaps this helper should be updated a bit and moved into seccomp.c so
> that seccomp_sync_threads() could use it too.

Ah! Yes. I had been thinking it had been copied during the task_struct
duplication, but that would have been before holding sighand->lock, so it
needs explicit recopying. Thanks!

-Kees

--
Kees Cook
Chrome OS Security
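Review bot: BUG_ON(!spin_is_locked(&current->sighand->siglock)) is not a safe lock assertion: on a uniprocessor kernel without CONFIG_DEBUG_SPINLOCK, spin_is_locked() returns 0 unconditionally, so with CONFIG_SECCOMP enabled this BUG_ON would fire on every fork. Use assert_spin_locked(&current->sighand->siglock), which only checks when the lock state is actually tracked. The comment above it should also say why the copy has to be repeated here at all: dup_task_struct() already copied the parent, but that happened before siglock was taken, so the parent's seccomp mode, filter and no_new_privs can all have changed in between (a TSYNC from a sibling thread, for instance), and "p->seccomp = current->seccomp" on its own leaves the child's no_new_privs stale while its seccomp state is fresh.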
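The user-visible contract the patch is protecting, as an added example that is not part of this thread or of the kernel patch: a parent sets no_new_privs, installs an allow-everything seccomp filter, forks, and the child must report the same no_new_privs value and the same seccomp mode through PR_GET_NO_NEW_PRIVS and PR_GET_SECCOMP. The function names, the struct and the pipe-based reporting are this example's own; it assumes a Linux kernel with seccomp filter support (3.5 or later) and does not show the in-kernel copy under siglock, only the result it must produce.

```c
#include <errno.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/wait.h>
#include <unistd.h>

/* Snapshot of the two per-task fields the thread discusses (example's own type). */
struct seccomp_state {
	int no_new_privs;  /* PR_GET_NO_NEW_PRIVS: 0 or 1 */
	int seccomp_mode;  /* PR_GET_SECCOMP: 0 disabled, 1 strict, 2 filter */
};

/* Read the calling task's state; 0 on success, -errno on failure. */
static int read_state(struct seccomp_state *st)
{
	int nnp = prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
	if (nnp < 0)
		return -errno;
	/* Safe here: with no filter or an allow-all filter, prctl is permitted. */
	int mode = prctl(PR_GET_SECCOMP, 0, 0, 0, 0);
	if (mode < 0)
		return -errno;
	st->no_new_privs = nnp;
	st->seccomp_mode = mode;
	return 0;
}

/*
 * Install a one-instruction filter that allows every syscall. Any filter
 * needs no_new_privs (or CAP_SYS_ADMIN) and moves the task into
 * SECCOMP_MODE_FILTER, which the child is then expected to inherit.
 */
static int install_allow_all_filter(void)
{
	struct sock_filter insns[] = {
		BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
	};
	struct sock_fprog prog = { .len = 1, .filter = insns };

	if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog, 0, 0) != 0)
		return -errno;
	return 0;
}

/* Fork and let the child report its own state over a pipe; 0 on success. */
static int child_state_after_fork(struct seccomp_state *child)
{
	int fds[2], status;
	pid_t pid;

	if (pipe(fds) != 0)
		return -errno;
	pid = fork();
	if (pid < 0)
		return -errno;
	if (pid == 0) {
		struct seccomp_state st = { 0, 0 };
		int rc = read_state(&st);
		close(fds[0]);
		if (rc == 0 && write(fds[1], &st, sizeof st) != (ssize_t)sizeof st)
			rc = -1;
		_exit(rc == 0 ? 0 : 1);
	}
	close(fds[1]);
	ssize_t n = read(fds[0], child, sizeof *child);
	close(fds[0]);
	if (waitpid(pid, &status, 0) != pid)
		return -errno;
	if (n != (ssize_t)sizeof *child || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
		return -1;
	return 0;
}

/*
 * Set no_new_privs, try to install the filter, then snapshot parent and
 * child. Returns 0 when the filter was installed, 1 when the kernel refused
 * the filter (both states are still filled in), negative on a hard error.
 */
int demo_fork_inheritance(struct seccomp_state *parent, struct seccomp_state *child)
{
	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
		return -errno;
	int filter_rc = install_allow_all_filter();
	if (read_state(parent) != 0 || child_state_after_fork(child) != 0)
		return -1;
	return filter_rc == 0 ? 0 : 1;
}

int main(void)
{
	struct seccomp_state p, c;
	int rc = demo_fork_inheritance(&p, &c);
	if (rc < 0) {
		perror("demo_fork_inheritance");
		return 1;
	}
	printf("parent: no_new_privs=%d seccomp_mode=%d\n", p.no_new_privs, p.seccomp_mode);
	printf("child:  no_new_privs=%d seccomp_mode=%d%s\n", c.no_new_privs, c.seccomp_mode,
	       rc == 1 ? " (filter install refused)" : "");
	return 0;
}
```

On a kernel with the patch series applied, both lines print no_new_privs=1 and seccomp_mode=2; a child that showed no_new_privs=1 without the filter, or the filter without no_new_privs, would be exactly the out-of-sync state Oleg's question is about. Note that the race the patch closes (a sibling thread changing the parent's state between task_struct duplication and the siglock copy) cannot be triggered deterministically from user space, so this only checks the steady-state inheritance.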