aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-05-08 10:56:09 -0400
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-05-08 10:56:09 -0400
commitea9c102cb0a7969df5733d34f26e0b12c8a3c889 (patch)
tree27383b18b9f62d3c4f1b5dd9f3daeffb10416c15
parent13e652800d1644dfedcd0d59ac95ef0beb7f3165 (diff)
Add CONFIG_AUDITSC and CONFIG_SECCOMP support for ppc32
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
-rw-r--r--arch/ppc/Kconfig17
-rw-r--r--arch/ppc/kernel/entry.S16
-rw-r--r--arch/ppc/kernel/ppc_ksyms.c2
-rw-r--r--arch/ppc/kernel/ptrace.c40
-rw-r--r--include/asm-ppc/thread_info.h7
-rw-r--r--init/Kconfig2
6 files changed, 70 insertions, 14 deletions
diff --git a/arch/ppc/Kconfig b/arch/ppc/Kconfig
index 600f23d7fd33..cd752a3cf3bd 100644
--- a/arch/ppc/Kconfig
+++ b/arch/ppc/Kconfig
@@ -1083,6 +1083,23 @@ source "drivers/zorro/Kconfig"
1083 1083
1084source kernel/power/Kconfig 1084source kernel/power/Kconfig
1085 1085
1086config SECCOMP
1087 bool "Enable seccomp to safely compute untrusted bytecode"
1088 depends on PROC_FS
1089 default y
1090 help
1091 This kernel feature is useful for number crunching applications
1092 that may need to compute untrusted bytecode during their
1093 execution. By using pipes or other transports made available to
1094 the process as file descriptors supporting the read/write
1095 syscalls, it's possible to isolate those applications in
1096 their own address space using seccomp. Once seccomp is
1097 enabled via /proc/<pid>/seccomp, it cannot be disabled
1098 and the task is only allowed to execute a few safe syscalls
1099 defined by each seccomp mode.
1100
1101 If unsure, say Y. Only embedded should say N here.
1102
1086endmenu 1103endmenu
1087 1104
1088config ISA_DMA_API 1105config ISA_DMA_API
diff --git a/arch/ppc/kernel/entry.S b/arch/ppc/kernel/entry.S
index 5f075dbc4ee7..661523707e8c 100644
--- a/arch/ppc/kernel/entry.S
+++ b/arch/ppc/kernel/entry.S
@@ -202,7 +202,7 @@ _GLOBAL(DoSyscall)
202 rlwinm r11,r11,0,~_TIFL_FORCE_NOERROR 202 rlwinm r11,r11,0,~_TIFL_FORCE_NOERROR
203 stw r11,TI_LOCAL_FLAGS(r10) 203 stw r11,TI_LOCAL_FLAGS(r10)
204 lwz r11,TI_FLAGS(r10) 204 lwz r11,TI_FLAGS(r10)
205 andi. r11,r11,_TIF_SYSCALL_TRACE 205 andi. r11,r11,_TIF_SYSCALL_T_OR_A
206 bne- syscall_dotrace 206 bne- syscall_dotrace
207syscall_dotrace_cont: 207syscall_dotrace_cont:
208 cmplwi 0,r0,NR_syscalls 208 cmplwi 0,r0,NR_syscalls
@@ -237,7 +237,7 @@ ret_from_syscall:
237 SYNC 237 SYNC
238 MTMSRD(r10) 238 MTMSRD(r10)
239 lwz r9,TI_FLAGS(r12) 239 lwz r9,TI_FLAGS(r12)
240 andi. r0,r9,(_TIF_SYSCALL_TRACE|_TIF_SIGPENDING|_TIF_NEED_RESCHED) 240 andi. r0,r9,(_TIF_SYSCALL_T_OR_A|_TIF_SIGPENDING|_TIF_NEED_RESCHED)
241 bne- syscall_exit_work 241 bne- syscall_exit_work
242syscall_exit_cont: 242syscall_exit_cont:
243#if defined(CONFIG_4xx) || defined(CONFIG_BOOKE) 243#if defined(CONFIG_4xx) || defined(CONFIG_BOOKE)
@@ -277,7 +277,8 @@ syscall_dotrace:
277 SAVE_NVGPRS(r1) 277 SAVE_NVGPRS(r1)
278 li r0,0xc00 278 li r0,0xc00
279 stw r0,TRAP(r1) 279 stw r0,TRAP(r1)
280 bl do_syscall_trace 280 addi r3,r1,STACK_FRAME_OVERHEAD
281 bl do_syscall_trace_enter
281 lwz r0,GPR0(r1) /* Restore original registers */ 282 lwz r0,GPR0(r1) /* Restore original registers */
282 lwz r3,GPR3(r1) 283 lwz r3,GPR3(r1)
283 lwz r4,GPR4(r1) 284 lwz r4,GPR4(r1)
@@ -291,7 +292,7 @@ syscall_dotrace:
291syscall_exit_work: 292syscall_exit_work:
292 stw r6,RESULT(r1) /* Save result */ 293 stw r6,RESULT(r1) /* Save result */
293 stw r3,GPR3(r1) /* Update return value */ 294 stw r3,GPR3(r1) /* Update return value */
294 andi. r0,r9,_TIF_SYSCALL_TRACE 295 andi. r0,r9,_TIF_SYSCALL_T_OR_A
295 beq 5f 296 beq 5f
296 ori r10,r10,MSR_EE 297 ori r10,r10,MSR_EE
297 SYNC 298 SYNC
@@ -303,7 +304,8 @@ syscall_exit_work:
303 li r4,0xc00 304 li r4,0xc00
304 stw r4,TRAP(r1) 305 stw r4,TRAP(r1)
3054: 3064:
306 bl do_syscall_trace 307 addi r3,r1,STACK_FRAME_OVERHEAD
308 bl do_syscall_trace_leave
307 REST_NVGPRS(r1) 309 REST_NVGPRS(r1)
3082: 3102:
309 lwz r3,GPR3(r1) 311 lwz r3,GPR3(r1)
@@ -627,8 +629,8 @@ sigreturn_exit:
627 subi r1,r3,STACK_FRAME_OVERHEAD 629 subi r1,r3,STACK_FRAME_OVERHEAD
628 rlwinm r12,r1,0,0,18 /* current_thread_info() */ 630 rlwinm r12,r1,0,0,18 /* current_thread_info() */
629 lwz r9,TI_FLAGS(r12) 631 lwz r9,TI_FLAGS(r12)
630 andi. r0,r9,_TIF_SYSCALL_TRACE 632 andi. r0,r9,_TIF_SYSCALL_T_OR_A
631 bnel- do_syscall_trace 633 bnel- do_syscall_trace_leave
632 /* fall through */ 634 /* fall through */
633 635
634 .globl ret_from_except_full 636 .globl ret_from_except_full
diff --git a/arch/ppc/kernel/ppc_ksyms.c b/arch/ppc/kernel/ppc_ksyms.c
index 2ccb58fe4fc3..d59ad07de8e7 100644
--- a/arch/ppc/kernel/ppc_ksyms.c
+++ b/arch/ppc/kernel/ppc_ksyms.c
@@ -55,7 +55,6 @@
55#define EXPORT_SYMTAB_STROPS 55#define EXPORT_SYMTAB_STROPS
56 56
57extern void transfer_to_handler(void); 57extern void transfer_to_handler(void);
58extern void do_syscall_trace(void);
59extern void do_IRQ(struct pt_regs *regs); 58extern void do_IRQ(struct pt_regs *regs);
60extern void MachineCheckException(struct pt_regs *regs); 59extern void MachineCheckException(struct pt_regs *regs);
61extern void AlignmentException(struct pt_regs *regs); 60extern void AlignmentException(struct pt_regs *regs);
@@ -74,7 +73,6 @@ extern unsigned long mm_ptov (unsigned long paddr);
74EXPORT_SYMBOL(clear_pages); 73EXPORT_SYMBOL(clear_pages);
75EXPORT_SYMBOL(clear_user_page); 74EXPORT_SYMBOL(clear_user_page);
76EXPORT_SYMBOL(do_signal); 75EXPORT_SYMBOL(do_signal);
77EXPORT_SYMBOL(do_syscall_trace);
78EXPORT_SYMBOL(transfer_to_handler); 76EXPORT_SYMBOL(transfer_to_handler);
79EXPORT_SYMBOL(do_IRQ); 77EXPORT_SYMBOL(do_IRQ);
80EXPORT_SYMBOL(MachineCheckException); 78EXPORT_SYMBOL(MachineCheckException);
diff --git a/arch/ppc/kernel/ptrace.c b/arch/ppc/kernel/ptrace.c
index 59d59a8dc249..e7aee4108dea 100644
--- a/arch/ppc/kernel/ptrace.c
+++ b/arch/ppc/kernel/ptrace.c
@@ -27,6 +27,9 @@
27#include <linux/user.h> 27#include <linux/user.h>
28#include <linux/security.h> 28#include <linux/security.h>
29#include <linux/signal.h> 29#include <linux/signal.h>
30#include <linux/seccomp.h>
31#include <linux/audit.h>
32#include <linux/module.h>
30 33
31#include <asm/uaccess.h> 34#include <asm/uaccess.h>
32#include <asm/page.h> 35#include <asm/page.h>
@@ -455,11 +458,10 @@ out:
455 return ret; 458 return ret;
456} 459}
457 460
458void do_syscall_trace(void) 461static void do_syscall_trace(void)
459{ 462{
460 if (!test_thread_flag(TIF_SYSCALL_TRACE) 463 /* the 0x80 provides a way for the tracing parent to distinguish
461 || !(current->ptrace & PT_PTRACED)) 464 between a syscall stop and SIGTRAP delivery */
462 return;
463 ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD) 465 ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD)
464 ? 0x80 : 0)); 466 ? 0x80 : 0));
465 467
@@ -473,3 +475,33 @@ void do_syscall_trace(void)
473 current->exit_code = 0; 475 current->exit_code = 0;
474 } 476 }
475} 477}
478
479void do_syscall_trace_enter(struct pt_regs *regs)
480{
481 if (test_thread_flag(TIF_SYSCALL_TRACE)
482 && (current->ptrace & PT_PTRACED))
483 do_syscall_trace();
484
485 if (unlikely(current->audit_context))
486 audit_syscall_entry(current, AUDIT_ARCH_PPC,
487 regs->gpr[0],
488 regs->gpr[3], regs->gpr[4],
489 regs->gpr[5], regs->gpr[6]);
490}
491
492void do_syscall_trace_leave(struct pt_regs *regs)
493{
494 secure_computing(regs->gpr[0]);
495
496 if (unlikely(current->audit_context))
497 audit_syscall_exit(current,
498 (regs->ccr&0x1000)?AUDITSC_FAILURE:AUDITSC_SUCCESS,
499 regs->result);
500
501 if ((test_thread_flag(TIF_SYSCALL_TRACE))
502 && (current->ptrace & PT_PTRACED))
503 do_syscall_trace();
504}
505
506EXPORT_SYMBOL(do_syscall_trace_enter);
507EXPORT_SYMBOL(do_syscall_trace_leave);
diff --git a/include/asm-ppc/thread_info.h b/include/asm-ppc/thread_info.h
index f7f01524e8a8..e3b5284a6f91 100644
--- a/include/asm-ppc/thread_info.h
+++ b/include/asm-ppc/thread_info.h
@@ -77,12 +77,19 @@ static inline struct thread_info *current_thread_info(void)
77#define TIF_POLLING_NRFLAG 4 /* true if poll_idle() is polling 77#define TIF_POLLING_NRFLAG 4 /* true if poll_idle() is polling
78 TIF_NEED_RESCHED */ 78 TIF_NEED_RESCHED */
79#define TIF_MEMDIE 5 79#define TIF_MEMDIE 5
80#define TIF_SYSCALL_AUDIT 6 /* syscall auditing active */
81#define TIF_SECCOMP 7 /* secure computing */
82
80/* as above, but as bit values */ 83/* as above, but as bit values */
81#define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE) 84#define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE)
82#define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME) 85#define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME)
83#define _TIF_SIGPENDING (1<<TIF_SIGPENDING) 86#define _TIF_SIGPENDING (1<<TIF_SIGPENDING)
84#define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED) 87#define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED)
85#define _TIF_POLLING_NRFLAG (1<<TIF_POLLING_NRFLAG) 88#define _TIF_POLLING_NRFLAG (1<<TIF_POLLING_NRFLAG)
89#define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT)
90#define _TIF_SECCOMP (1<<TIF_SECCOMP)
91
92#define _TIF_SYSCALL_T_OR_A (_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT|_TIF_SECCOMP)
86 93
87/* 94/*
88 * Non racy (local) flags bit numbers 95 * Non racy (local) flags bit numbers
diff --git a/init/Kconfig b/init/Kconfig
index d920baed109a..705497653465 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -173,7 +173,7 @@ config AUDIT
173 173
174config AUDITSYSCALL 174config AUDITSYSCALL
175 bool "Enable system-call auditing support" 175 bool "Enable system-call auditing support"
176 depends on AUDIT && (X86 || PPC64 || ARCH_S390 || IA64 || UML) 176 depends on AUDIT && (X86 || PPC || PPC64 || ARCH_S390 || IA64 || UML)
177 default y if SECURITY_SELINUX 177 default y if SECURITY_SELINUX
178 help 178 help
179 Enable low-overhead system-call auditing infrastructure that 179 Enable low-overhead system-call auditing infrastructure that