diff options
author | Paul Mundt <lethal@linux-sh.org> | 2008-07-30 15:30:52 +0900 |
---|---|---|
committer | Paul Mundt <lethal@linux-sh.org> | 2008-08-02 04:39:32 +0900 |
commit | c4637d475170ca0d99973efd07df727012db6cd1 (patch) | |
tree | 8d2f6581dfaf0ea148753845513fff3dd53ce13f /arch | |
parent | cec3fd3e2a7cacf37e2bd6d9fa915337245cc563 (diff) |
sh: seccomp support.
This hooks up the seccomp thread flag and associated callback from the
syscall tracer.
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Diffstat (limited to 'arch')
-rw-r--r-- | arch/sh/Kconfig | 17 | ||||
-rw-r--r-- | arch/sh/include/asm/seccomp.h | 10 | ||||
-rw-r--r-- | arch/sh/include/asm/thread_info.h | 6 | ||||
-rw-r--r-- | arch/sh/kernel/ptrace_32.c | 3 | ||||
-rw-r--r-- | arch/sh/kernel/ptrace_64.c | 3 |
5 files changed, 37 insertions, 2 deletions
diff --git a/arch/sh/Kconfig b/arch/sh/Kconfig index cb992c3d6b7..0ae541107f3 100644 --- a/arch/sh/Kconfig +++ b/arch/sh/Kconfig @@ -483,6 +483,23 @@ config CRASH_DUMP For more details see Documentation/kdump/kdump.txt +config SECCOMP + bool "Enable seccomp to safely compute untrusted bytecode" + depends on PROC_FS + default y + help + This kernel feature is useful for number crunching applications + that may need to compute untrusted bytecode during their + execution. By using pipes or other transports made available to + the process as file descriptors supporting the read/write + syscalls, it's possible to isolate those applications in + their own address space using seccomp. Once seccomp is + enabled via prctl, it cannot be disabled and the task is only + allowed to execute a few safe syscalls defined by each seccomp + mode. + + If unsure, say N. + config SMP bool "Symmetric multi-processing support" depends on SYS_SUPPORTS_SMP diff --git a/arch/sh/include/asm/seccomp.h b/arch/sh/include/asm/seccomp.h new file mode 100644 index 00000000000..3280ed3802e --- /dev/null +++ b/arch/sh/include/asm/seccomp.h @@ -0,0 +1,10 @@ +#ifndef __ASM_SECCOMP_H + +#include <linux/unistd.h> + +#define __NR_seccomp_read __NR_read +#define __NR_seccomp_write __NR_write +#define __NR_seccomp_exit __NR_exit +#define __NR_seccomp_sigreturn __NR_rt_sigreturn + +#endif /* __ASM_SECCOMP_H */ diff --git a/arch/sh/include/asm/thread_info.h b/arch/sh/include/asm/thread_info.h index c05b1afd132..03d1e386670 100644 --- a/arch/sh/include/asm/thread_info.h +++ b/arch/sh/include/asm/thread_info.h @@ -117,7 +117,8 @@ static inline struct thread_info *current_thread_info(void) #define TIF_NEED_RESCHED 2 /* rescheduling necessary */ #define TIF_RESTORE_SIGMASK 3 /* restore signal mask in do_signal() */ #define TIF_SINGLESTEP 4 /* singlestepping active */ -#define TIF_SYSCALL_AUDIT 5 +#define TIF_SYSCALL_AUDIT 5 /* syscall auditing active */ +#define TIF_SECCOMP 6 /* secure computing */ #define TIF_USEDFPU 16 /* FPU was used by this task this quantum (SMP) */ #define TIF_POLLING_NRFLAG 17 /* true if poll_idle() is polling TIF_NEED_RESCHED */ #define TIF_MEMDIE 18 @@ -129,6 +130,7 @@ static inline struct thread_info *current_thread_info(void) #define _TIF_RESTORE_SIGMASK (1 << TIF_RESTORE_SIGMASK) #define _TIF_SINGLESTEP (1 << TIF_SINGLESTEP) #define _TIF_SYSCALL_AUDIT (1 << TIF_SYSCALL_AUDIT) +#define _TIF_SECCOMP (1 << TIF_SECCOMP) #define _TIF_USEDFPU (1 << TIF_USEDFPU) #define _TIF_POLLING_NRFLAG (1 << TIF_POLLING_NRFLAG) #define _TIF_FREEZE (1 << TIF_FREEZE) @@ -141,7 +143,7 @@ static inline struct thread_info *current_thread_info(void) /* work to do in syscall trace */ #define _TIF_WORK_SYSCALL_MASK (_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP | \ - _TIF_SYSCALL_AUDIT) + _TIF_SYSCALL_AUDIT | _TIF_SECCOMP) /* work to do on any return to u-space */ #define _TIF_ALLWORK_MASK (_TIF_SYSCALL_TRACE | _TIF_SIGPENDING | \ diff --git a/arch/sh/kernel/ptrace_32.c b/arch/sh/kernel/ptrace_32.c index 2bc72def5cf..e9bd4b2aa9c 100644 --- a/arch/sh/kernel/ptrace_32.c +++ b/arch/sh/kernel/ptrace_32.c @@ -20,6 +20,7 @@ #include <linux/signal.h> #include <linux/io.h> #include <linux/audit.h> +#include <linux/seccomp.h> #include <asm/uaccess.h> #include <asm/pgtable.h> #include <asm/system.h> @@ -276,6 +277,8 @@ asmlinkage void do_syscall_trace(struct pt_regs *regs, int entryexit) { struct task_struct *tsk = current; + secure_computing(regs->regs[0]); + if (unlikely(current->audit_context) && entryexit) audit_syscall_exit(AUDITSC_RESULT(regs->regs[0]), regs->regs[0]); diff --git a/arch/sh/kernel/ptrace_64.c b/arch/sh/kernel/ptrace_64.c index d453c47dc52..7d877626095 100644 --- a/arch/sh/kernel/ptrace_64.c +++ b/arch/sh/kernel/ptrace_64.c @@ -27,6 +27,7 @@ #include <linux/signal.h> #include <linux/syscalls.h> #include <linux/audit.h> +#include <linux/seccomp.h> #include <asm/io.h> #include <asm/uaccess.h> #include <asm/pgtable.h> @@ -277,6 +278,8 @@ asmlinkage void syscall_trace(struct pt_regs *regs, int entryexit) { struct task_struct *tsk = current; + secure_computing(regs->regs[9]); + if (unlikely(current->audit_context) && entryexit) audit_syscall_exit(AUDITSC_RESULT(regs->regs[9]), regs->regs[9]); |