seccomp: Fix setting loaded filter count during TSYNC

The desired behavior is to set the caller's filter count to thread's.
This value is reported via /proc, so this fixes the inaccurate count
exposed to userspace; it is not used for reference counting, etc.

Signed-off-by: Hsuan-Chi Kuo <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Co-developed-by: Wiktor Garbacz <[email protected]>
Signed-off-by: Wiktor Garbacz <[email protected]>
Link: https://lore.kernel.org/lkml/[email protected]
Signed-off-by: Kees Cook <[email protected]>
Cc: [email protected]
Fixes: c818c03b661c ("seccomp: Report number of loaded filters in /proc/$pid/status")

diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index 057e17f3215d5633fc18df103fae36702a63bba4..6469eca8078ca01eb3e0407d741964a25e88d2d1 100644 (file)
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -602,7 +602,7 @@ static inline void seccomp_sync_threads(unsigned long flags)
                smp_store_release(&thread->seccomp.filter,
                                  caller->seccomp.filter);
                atomic_set(&thread->seccomp.filter_count,
-                          atomic_read(&thread->seccomp.filter_count));
+                          atomic_read(&caller->seccomp.filter_count));
 
                /*
                 * Don't let an unprivileged task work around