From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Tue, 16 Jul 2024 20:12:16 +0000 (-0700)
Subject: Merge tag 'seccomp-v6.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees... 
X-Git-Url: https://repo.jachan.dev/J-linux.git/commitdiff_plain/1ca995edf838a70c7c0aba2de7fc6da57e22cbf3?hp=-c

Merge tag 'seccomp-v6.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull seccomp updates from Kees Cook:

 - interrupt SECCOMP_IOCTL_NOTIF_RECV when all users exit (Andrei Vagin)

 - Update selftests to check for expected NOTIF_RECV exits (Andrei
   Vagin)

* tag 'seccomp-v6.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  selftests/seccomp: check that a zombie leader doesn't affect others
  selftests/seccomp: add test for NOTIF_RECV and unused filters
  seccomp: release task filters when the task exits
  seccomp: interrupt SECCOMP_IOCTL_NOTIF_RECV when all users have exited
---

1ca995edf838a70c7c0aba2de7fc6da57e22cbf3
diff --combined kernel/exit.c
index 81fcee45d630,b945ab81eb92..be81342caf1b
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@@ -277,7 -277,6 +277,6 @@@ repeat
  	}
  
  	write_unlock_irq(&tasklist_lock);
- 	seccomp_filter_release(p);
  	proc_flush_pid(thread_pid);
  	put_pid(thread_pid);
  	release_thread(p);
@@@ -484,8 -483,6 +483,8 @@@ retry
  	 * Search through everything else, we should not get here often.
  	 */
  	for_each_process(g) {
 +		if (atomic_read(&mm->mm_users) <= 1)
 +			break;
  		if (g->flags & PF_KTHREAD)
  			continue;
  		for_each_thread(g, c) {
@@@ -834,6 -831,8 +833,8 @@@ void __noreturn do_exit(long code
  	io_uring_files_cancel();
  	exit_signals(tsk);  /* sets PF_EXITING */
  
+ 	seccomp_filter_release(tsk);
+ 
  	acct_update_integrals(tsk);
  	group_dead = atomic_dec_and_test(&tsk->signal->live);
  	if (group_dead) {