diff options
| author | Will Drewry <wad@chromium.org> | 2012-04-12 17:48:01 -0400 |
|---|---|---|
| committer | James Morris <james.l.morris@oracle.com> | 2012-04-13 21:13:21 -0400 |
| commit | bb6ea4301a1109afdacaee576fedbfcd7152fc86 (patch) | |
| tree | 5412219057d8e0ec2a30d0a1ad4f6b7dd398c754 /arch/Kconfig | |
| parent | a0727e8ce513fe6890416da960181ceb10fbfae6 (diff) | |
seccomp: Add SECCOMP_RET_TRAP
Adds a new return value to seccomp filters that triggers a SIGSYS to be
delivered with the new SYS_SECCOMP si_code.
This allows in-process system call emulation, including just specifying
an errno or cleanly dumping core, rather than just dying.
Suggested-by: Markus Gutschke <markus@chromium.org>
Suggested-by: Julien Tinnes <jln@chromium.org>
Signed-off-by: Will Drewry <wad@chromium.org>
Acked-by: Eric Paris <eparis@redhat.com>
v18: - acked-by, rebase
- don't mention secure_computing_int() anymore
v15: - use audit_seccomp/skip
- pad out error spacing; clean up switch (indan@nul.nu)
v14: - n/a
v13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc
v12: - rebase on to linux-next
v11: - clarify the comment (indan@nul.nu)
- s/sigtrap/sigsys
v10: - use SIGSYS, syscall_get_arch, updates arch/Kconfig
note suggested-by (though original suggestion had other behaviors)
v9: - changes to SIGILL
v8: - clean up based on changes to dependent patches
v7: - introduction
Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'arch/Kconfig')
| -rw-r--r-- | arch/Kconfig | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/arch/Kconfig b/arch/Kconfig index beaab68c13b7..66aef13f6038 100644 --- a/arch/Kconfig +++ b/arch/Kconfig | |||
| @@ -219,11 +219,15 @@ config ARCH_WANT_OLD_COMPAT_IPC | |||
| 219 | config HAVE_ARCH_SECCOMP_FILTER | 219 | config HAVE_ARCH_SECCOMP_FILTER |
| 220 | bool | 220 | bool |
| 221 | help | 221 | help |
| 222 | This symbol should be selected by an architecure if it provides | 222 | This symbol should be selected by an architecure if it provides: |
| 223 | asm/syscall.h, specifically syscall_get_arguments(), | 223 | asm/syscall.h: |
| 224 | syscall_get_arch(), and syscall_set_return_value(). Additionally, | 224 | - syscall_get_arch() |
| 225 | its system call entry path must respect a return value of -1 from | 225 | - syscall_get_arguments() |
| 226 | __secure_computing() and/or secure_computing(). | 226 | - syscall_rollback() |
| 227 | - syscall_set_return_value() | ||
| 228 | SIGSYS siginfo_t support must be implemented. | ||
| 229 | __secure_computing()/secure_computing()'s return value must be | ||
| 230 | checked, with -1 resulting in the syscall being skipped. | ||
| 227 | 231 | ||
| 228 | config SECCOMP_FILTER | 232 | config SECCOMP_FILTER |
| 229 | def_bool y | 233 | def_bool y |