[PATCH v12 11/13] x86: Enable HAVE_ARCH_SECCOMP_FILTER
- Subject: [PATCH v12 11/13] x86: Enable HAVE_ARCH_SECCOMP_FILTER
- From: Will Drewry <wad@xxxxxxxxxxxx>
- Date: Wed, 29 Feb 2012 17:53:38 -0600
- Cc: linux-arch@xxxxxxxxxxxxxxx, linux-doc@xxxxxxxxxxxxxxx, kernel-hardening@xxxxxxxxxxxxxxxxxx, netdev@xxxxxxxxxxxxxxx, x86@xxxxxxxxxx, arnd@xxxxxxxx, davem@xxxxxxxxxxxxx, hpa@xxxxxxxxx, mingo@xxxxxxxxxx, oleg@xxxxxxxxxx, peterz@xxxxxxxxxxxxx, rdunlap@xxxxxxxxxxxx, mcgrathr@xxxxxxxxxxxx, tglx@xxxxxxxxxxxxx, luto@xxxxxxx, eparis@xxxxxxxxxx, serge.hallyn@xxxxxxxxxxxxx, djm@xxxxxxxxxxx, scarybeasts@xxxxxxxxx, indan@xxxxxx, pmoore@xxxxxxxxxx, akpm@xxxxxxxxxxxxxxxxxxxx, corbet@xxxxxxx, eric.dumazet@xxxxxxxxx, markus@xxxxxxxxxxxx, coreyb@xxxxxxxxxxxxxxxxxx, keescook@xxxxxxxxxxxx, Will Drewry <wad@xxxxxxxxxxxx>
- In-reply-to: <1330559620-23543-1-git-send-email-wad@chromium.org>
Enable support for seccomp filter on x86:
- asm/tracehook.h exists
- syscall_get_arguments() works
- syscall_rollback() works
- ptrace_report_syscall() works
- secure_computing() return value is honored (see below)
This also adds support for honoring the return
value from secure_computing().
SECCOMP_RET_TRACE and SECCOMP_RET_TRAP may result in seccomp needing to
skip a system call without killing the process. This is done by
returning a non-zero (-1) value from secure_computing. This change
makes x86 respect that return value.
To ensure that minimal kernel code is exposed, a non-zero return value
results in an immediate return to user space (with an invalid syscall
number).
Signed-off-by: Will Drewry <wad@xxxxxxxxxxxx>
---
arch/x86/Kconfig | 1 +
arch/x86/kernel/ptrace.c | 7 ++++++-
2 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index f50b52a..fe35491 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -81,6 +81,7 @@ config X86
select CLKEVT_I8253
select ARCH_HAVE_NMI_SAFE_CMPXCHG
select GENERIC_IOMAP
+ select HAVE_ARCH_SECCOMP_FILTER
config INSTRUCTION_DECODER
def_bool (KPROBES || PERF_EVENTS || UPROBES)
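Review bot: the select is unconditional for all of X86, so the 32-bit and compat syscall entry paths must honour the secure_computing() return value as well for the prerequisite list in the commit message to hold on every x86 ABI; since the only code change is in the shared syscall_trace_enter() in ptrace.c, a sentence in the commit message confirming that both entry paths go through that function would make this one-line Kconfig change self-evidently safe.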
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
index 78f05e4..cdce22c 100644
--- a/arch/x86/kernel/ptrace.c
+++ b/arch/x86/kernel/ptrace.c
@@ -1381,7 +1381,11 @@ long syscall_trace_enter(struct pt_regs *regs)
regs->flags |= X86_EFLAGS_TF;
/* do the secure computing check first */
- secure_computing(regs->orig_ax);
+ if (secure_computing(regs->orig_ax)) {
+ /* seccomp failures shouldn't expose any additional code. */
+ ret = -1L;
+ goto out;
+ }
if (unlikely(test_thread_flag(TIF_SYSCALL_EMU)))
ret = -1L;
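Review bot: the new `goto out` leaves syscall_trace_enter() before the TIF_SYSCALL_EMU check and before the rest of the function, which is the ptrace syscall-entry reporting and the audit call whose argument list appears in the next hunk, so a syscall that seccomp asks to skip never shows up as a PTRACE_SYSCALL stop or in the audit trail. That matches the stated goal of exposing minimal kernel code, but it is a behaviour change worth recording in the commit message, because anyone relying on audit to see denied calls will not see them. Also state there that secure_computing() is expected to have already set whatever return value user space observes for the skipped call, since nothing in this hunk does; `ret = -1L;` only replaces the syscall number.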
@@ -1406,6 +1410,7 @@ long syscall_trace_enter(struct pt_regs *regs)
regs->dx, regs->r10);
#endif
+out:
return ret ?: regs->orig_ax;
}
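Review bot: the `out:` label is placed after the `#endif` so the early exit bypasses the whole reporting block, which is intended, but the only `goto out` is some thirty lines up; a comment at the label such as `/* seccomp asked us to skip the call: return an invalid syscall number */` would save the next reader from working out why `return ret ?: regs->orig_ax;` yields -1 here.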
--
1.7.5.4
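The commit message describes the kernel side: when secure_computing() asks for the call to be skipped, x86 returns to user space with an invalid syscall number and the syscall body never runs. The program below, an added example and not part of this patch or of the kernel tree, shows what that skip looks like from user space. It installs a seccomp-bpf filter that returns SECCOMP_RET_ERRNO for getppid(2) (the same skip path; chosen over the SECCOMP_RET_TRACE and SECCOMP_RET_TRAP cases named in the commit message because its effect is observable without a tracer or signal handler), then confirms in a forked child that the syscall is not executed and the caller gets -1 with errno EPERM. The names seccomp_skip_demo, install_block_getppid_filter, sandboxed_probe, the demo_result codes and the ARCH_NR macro are this example's own; it assumes a Linux system with the uapi seccomp headers and needs no privileges because it sets PR_SET_NO_NEW_PRIVS first.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Architecture the filter accepts (example-specific macro). Anything else is
 * killed so a foreign-ABI syscall table cannot be confused with ours. */
#if defined(__x86_64__)
#define ARCH_NR AUDIT_ARCH_X86_64
#elif defined(__i386__)
#define ARCH_NR AUDIT_ARCH_I386
#elif defined(__aarch64__)
#define ARCH_NR AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* What the sandboxed child reports back through its exit status. */
enum demo_result {
    DEMO_SKIPPED = 0,        /* getppid(2) was not run; caller saw -1 / EPERM */
    DEMO_RAN = 1,            /* filter installed but the syscall still executed */
    DEMO_INSTALL_FAILED = 2, /* kernel refused the filter (no seccomp-bpf here) */
    DEMO_OTHER = 3,          /* fork/wait failure or child died by signal */
};

/* Install a filter that skips getppid(2) and hands EPERM back to the caller.
 * Every other syscall is allowed. Returns 0 on success, -1 on failure. */
static int install_block_getppid_filter(void)
{
    struct sock_filter filter[] = {
        /* A = seccomp_data.arch; kill the task if it is not our ABI */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, ARCH_NR, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        /* A = seccomp_data.nr */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        /* nr == getppid: do not run it, return EPERM to user space */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_getppid, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
        /* anything else runs normally */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = {
        .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])),
        .filter = filter,
    };

    /* An unprivileged task may only install a filter once it has given up
     * the ability to gain privileges through setuid/fscaps binaries. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) == 0 ? 0 : -1;
}

/* Runs in the forked child: install the filter, probe the blocked syscall,
 * report the verdict via the exit status. Never returns. */
static void sandboxed_probe(void)
{
    if (install_block_getppid_filter() != 0)
        _exit(DEMO_INSTALL_FAILED);

    errno = 0;
    long r = syscall(SYS_getppid);
    if (r == -1 && errno == EPERM)
        _exit(DEMO_SKIPPED);   /* kernel skipped the call, as the patch describes */
    _exit(r >= 0 ? DEMO_RAN : DEMO_OTHER);
}

/* Fork so the filter never affects the caller; return the child's verdict. */
int seccomp_skip_demo(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return DEMO_OTHER;
    if (pid == 0)
        sandboxed_probe();

    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return DEMO_OTHER;
    return WEXITSTATUS(status);
}

int main(void)
{
    static const char *const names[] = {
        "syscall skipped, caller saw -1/EPERM",
        "syscall ran (filter not effective)",
        "kernel refused the filter",
        "fork/wait failure or child killed",
    };
    int rc = seccomp_skip_demo();
    printf("seccomp skip demo: %s\n", names[rc]);
    return rc == DEMO_SKIPPED ? 0 : 1;
}
```

The filter is installed in a child so the parent keeps an unrestricted syscall table; the child's exit status carries the verdict back. The arch check is what keeps the syscall-number comparison meaningful: syscall numbers differ between ABIs, so a filter that skips it can be bypassed by switching ABI on a multi-ABI kernel.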