author | Linus Torvalds <torvalds@linux-foundation.org> | 2022-12-12 08:34:05 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2022-12-12 08:34:05 -0800 |
commit | 667161ba0a1c5badc5c40fc45cf62a6d62883710 (patch) | |
tree | 77681ccd6d526c7e3b5d1c2ff766a96c1ebedcbd /kernel | |
parent | 059c4a341df7dbaab0a30a8e5420b619518f8887 (diff) | |
parent | b9069728a70c23dad00684eb994a3f5295f127cf (diff) |
Merge tag 'seccomp-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull seccomp updates from Kees Cook:

 - Add missing kerndoc parameter (Randy Dunlap)

 - Improve seccomp selftest to check CAP_SYS_ADMIN (Gautam Menghani)

 - Fix allocation leak when cloned thread immediately dies (Kuniyuki
   Iwashima)

* tag 'seccomp-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  seccomp: document the "filter_count" field
  seccomp: Move copy_seccomp() to no failure path.
  selftests/seccomp: Check CAP_SYS_ADMIN capability in the test mode_filter_without_nnp

Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/fork.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/kernel/fork.c b/kernel/fork.c index 08969f5aa38d..844dfdc8c639 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -535,6 +535,9 @@ void put_task_stack(struct task_struct *tsk) void free_task(struct task_struct *tsk) { +#ifdef CONFIG_SECCOMP + WARN_ON_ONCE(tsk->seccomp.filter); +#endif release_user_cpus_ptr(tsk); scs_release(tsk); @@ -2406,12 +2409,6 @@ static __latent_entropy struct task_struct *copy_process( spin_lock(¤t->sighand->siglock); - /* - * Copy seccomp details explicitly here, in case they were changed - * before holding sighand lock. - */ - copy_seccomp(p); - rv_task_fork(p); rseq_fork(p, clone_flags); @@ -2428,6 +2425,14 @@ static __latent_entropy struct task_struct *copy_process( goto bad_fork_cancel_cgroup; } + /* No more failure paths after this point. */ + + /* + * Copy seccomp details explicitly here, in case they were changed + * before holding sighand lock. + */ + copy_seccomp(p); + init_task_pid_links(p); if (likely(p->pid)) { ptrace_init_task(p, (clone_flags & CLONE_PTRACE) || trace); |
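
Review bot: In the free_task() hunk, WARN_ON_ONCE(tsk->seccomp.filter) reports a filter that is still attached when the task is freed but does nothing to release it, and as the _ONCE variant it logs only the first occurrence. A short comment above the check stating that the filter is expected to be gone by this point, and that a non-NULL pointer here means a leaked allocation, would make the intent clear to whoever sees the warning. The #ifdef CONFIG_SECCOMP block inside the function body could also be replaced by a small helper that compiles to nothing when seccomp is disabled.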
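
Review bot: In the last copy_process() hunk, the "No more failure paths after this point." comment is the only thing keeping copy_seccomp(p) below the final error exit (the goto bad_fork_cancel_cgroup just above it), so a later change could add another goto underneath without noticing. The comment carried over with the call ("in case they were changed before holding sighand lock") explains why the copy happens under the lock, not why it must sit at this position. Consider extending it to say that copy_seccomp() has to come after the last failure path because the merge message describes the earlier placement as an allocation leak when the cloned thread dies immediately, so anyone adding a new failure path knows to put it above this line.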