diff options
| author | Yuichi Nakamura <ynakam@hitachisoft.jp> | 2007-11-10 05:21:34 -0500 |
|---|---|---|
| committer | Paul Mundt <lethal@linux-sh.org> | 2008-01-27 23:18:57 -0500 |
| commit | 1322b9def91ab8e9e673b58a64e13d6effaaa652 (patch) | |
| tree | b52716f0d120f9d51b0cf32462c4f6f68d3c412b /arch | |
| parent | 12760cb4df2a244efbaa262b32590af295c0b8e1 (diff) | |
sh: syscall audit support.
Support syscall auditing..
Signed-off-by: Yuichi Nakamura <ynakam@hitachisoft.jp>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/sh/kernel/entry-common.S | 8 | ||||
| -rw-r--r-- | arch/sh/kernel/ptrace_32.c | 21 |
2 files changed, 23 insertions, 6 deletions
diff --git a/arch/sh/kernel/entry-common.S b/arch/sh/kernel/entry-common.S index e0317ed080c3..397ac71d97f1 100644 --- a/arch/sh/kernel/entry-common.S +++ b/arch/sh/kernel/entry-common.S | |||
| @@ -224,7 +224,7 @@ work_resched: | |||
| 224 | syscall_exit_work: | 224 | syscall_exit_work: |
| 225 | ! r0: current_thread_info->flags | 225 | ! r0: current_thread_info->flags |
| 226 | ! r8: current_thread_info | 226 | ! r8: current_thread_info |
| 227 | tst #_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP, r0 | 227 | tst #_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP | _TIF_SYSCALL_AUDIT, r0 |
| 228 | bt/s work_pending | 228 | bt/s work_pending |
| 229 | tst #_TIF_NEED_RESCHED, r0 | 229 | tst #_TIF_NEED_RESCHED, r0 |
| 230 | #ifdef CONFIG_TRACE_IRQFLAGS | 230 | #ifdef CONFIG_TRACE_IRQFLAGS |
| @@ -234,6 +234,8 @@ syscall_exit_work: | |||
| 234 | #endif | 234 | #endif |
| 235 | sti | 235 | sti |
| 236 | ! XXX setup arguments... | 236 | ! XXX setup arguments... |
| 237 | mov r15, r4 | ||
| 238 | mov #1, r5 | ||
| 237 | mov.l 4f, r0 ! do_syscall_trace | 239 | mov.l 4f, r0 ! do_syscall_trace |
| 238 | jsr @r0 | 240 | jsr @r0 |
| 239 | nop | 241 | nop |
| @@ -244,6 +246,8 @@ syscall_exit_work: | |||
| 244 | syscall_trace_entry: | 246 | syscall_trace_entry: |
| 245 | ! Yes it is traced. | 247 | ! Yes it is traced. |
| 246 | ! XXX setup arguments... | 248 | ! XXX setup arguments... |
| 249 | mov r15, r4 | ||
| 250 | mov #0, r5 | ||
| 247 | mov.l 4f, r11 ! Call do_syscall_trace which notifies | 251 | mov.l 4f, r11 ! Call do_syscall_trace which notifies |
| 248 | jsr @r11 ! superior (will chomp R[0-7]) | 252 | jsr @r11 ! superior (will chomp R[0-7]) |
| 249 | nop | 253 | nop |
| @@ -366,7 +370,7 @@ ENTRY(system_call) | |||
| 366 | ! | 370 | ! |
| 367 | get_current_thread_info r8, r10 | 371 | get_current_thread_info r8, r10 |
| 368 | mov.l @(TI_FLAGS,r8), r8 | 372 | mov.l @(TI_FLAGS,r8), r8 |
| 369 | mov #_TIF_SYSCALL_TRACE, r10 | 373 | mov #(_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT), r10 |
| 370 | tst r10, r8 | 374 | tst r10, r8 |
| 371 | bf syscall_trace_entry | 375 | bf syscall_trace_entry |
| 372 | ! | 376 | ! |
diff --git a/arch/sh/kernel/ptrace_32.c b/arch/sh/kernel/ptrace_32.c index ac725f0aeb72..ce0664a58b49 100644 --- a/arch/sh/kernel/ptrace_32.c +++ b/arch/sh/kernel/ptrace_32.c | |||
| @@ -6,7 +6,7 @@ | |||
| 6 | * edited by Linus Torvalds | 6 | * edited by Linus Torvalds |
| 7 | * | 7 | * |
| 8 | * SuperH version: Copyright (C) 1999, 2000 Kaz Kojima & Niibe Yutaka | 8 | * SuperH version: Copyright (C) 1999, 2000 Kaz Kojima & Niibe Yutaka |
| 9 | * | 9 | * Audit support: Yuichi Nakamura <ynakam@hitachisoft.jp> |
| 10 | */ | 10 | */ |
| 11 | #include <linux/kernel.h> | 11 | #include <linux/kernel.h> |
| 12 | #include <linux/sched.h> | 12 | #include <linux/sched.h> |
| @@ -19,6 +19,7 @@ | |||
| 19 | #include <linux/security.h> | 19 | #include <linux/security.h> |
| 20 | #include <linux/signal.h> | 20 | #include <linux/signal.h> |
| 21 | #include <linux/io.h> | 21 | #include <linux/io.h> |
| 22 | #include <linux/audit.h> | ||
| 22 | #include <asm/uaccess.h> | 23 | #include <asm/uaccess.h> |
| 23 | #include <asm/pgtable.h> | 24 | #include <asm/pgtable.h> |
| 24 | #include <asm/system.h> | 25 | #include <asm/system.h> |
| @@ -248,15 +249,20 @@ long arch_ptrace(struct task_struct *child, long request, long addr, long data) | |||
| 248 | return ret; | 249 | return ret; |
| 249 | } | 250 | } |
| 250 | 251 | ||
| 251 | asmlinkage void do_syscall_trace(void) | 252 | asmlinkage void do_syscall_trace(struct pt_regs *regs, int entryexit) |
| 252 | { | 253 | { |
| 253 | struct task_struct *tsk = current; | 254 | struct task_struct *tsk = current; |
| 254 | 255 | ||
| 256 | if (unlikely(current->audit_context) && entryexit) | ||
| 257 | audit_syscall_exit(AUDITSC_RESULT(regs->regs[0]), | ||
| 258 | regs->regs[0]); | ||
| 259 | |||
| 255 | if (!test_thread_flag(TIF_SYSCALL_TRACE) && | 260 | if (!test_thread_flag(TIF_SYSCALL_TRACE) && |
| 256 | !test_thread_flag(TIF_SINGLESTEP)) | 261 | !test_thread_flag(TIF_SINGLESTEP)) |
| 257 | return; | 262 | goto out; |
| 258 | if (!(tsk->ptrace & PT_PTRACED)) | 263 | if (!(tsk->ptrace & PT_PTRACED)) |
| 259 | return; | 264 | goto out; |
| 265 | |||
| 260 | /* the 0x80 provides a way for the tracing parent to distinguish | 266 | /* the 0x80 provides a way for the tracing parent to distinguish |
| 261 | between a syscall stop and SIGTRAP delivery */ | 267 | between a syscall stop and SIGTRAP delivery */ |
| 262 | ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD) && | 268 | ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD) && |
| @@ -271,4 +277,11 @@ asmlinkage void do_syscall_trace(void) | |||
| 271 | send_sig(tsk->exit_code, tsk, 1); | 277 | send_sig(tsk->exit_code, tsk, 1); |
| 272 | tsk->exit_code = 0; | 278 | tsk->exit_code = 0; |
| 273 | } | 279 | } |
| 280 | |||
| 281 | out: | ||
| 282 | if (unlikely(current->audit_context) && !entryexit) | ||
| 283 | audit_syscall_entry(AUDIT_ARCH_SH, regs->regs[3], | ||
| 284 | regs->regs[4], regs->regs[5], | ||
| 285 | regs->regs[6], regs->regs[7]); | ||
| 286 | |||
| 274 | } | 287 | } |