4 files changed, 37 insertions, 6 deletions
diff --git a/arch/Kconfig b/arch/Kconfig
index beaab68c13b7..66aef13f6038 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -219,11 +219,15 @@ config ARCH_WANT_OLD_COMPAT_IPC
 config HAVE_ARCH_SECCOMP_FILTER
        bool
        help
-          This symbol should be selected by an architecure if it provides
+          This symbol should be selected by an architecure if it provides:
-          asm/syscall.h, specifically syscall_get_arguments(),
+          asm/syscall.h:
-          syscall_get_arch(), and syscall_set_return_value().  Additionally,
+          - syscall_get_arch()
-          its system call entry path must respect a return value of -1 from
+          - syscall_get_arguments()
-          __secure_computing() and/or secure_computing().
+          - syscall_rollback()
+          - syscall_set_return_value()
+          SIGSYS siginfo_t support must be implemented.
+          __secure_computing()/secure_computing()'s return value must be
+          checked, with -1 resulting in the syscall being skipped.
 config SECCOMP_FILTER
        def_bool y
diff --git a/include/asm-generic/siginfo.h b/include/asm-generic/siginfo.h
index 31306f55eb02..af5d0350f84c 100644
--- a/include/asm-generic/siginfo.h
+++ b/include/asm-generic/siginfo.h
@@ -93,7 +93,7 @@ typedef struct siginfo {
                /* SIGSYS */
                struct {
-                        void __user *_call_addr; /* calling insn */
+                        void __user *_call_addr; /* calling user insn */
                        int _syscall;   /* triggering system call number */
                        unsigned int _arch;     /* AUDIT_ARCH_* of syscall */
                } _sigsys;
diff --git a/include/linux/seccomp.h b/include/linux/seccomp.h
index b4ce2c816e06..317ccb78cf40 100644
--- a/include/linux/seccomp.h
+++ b/include/linux/seccomp.h
@@ -19,6 +19,7 @@
 * selects the least permissive choice.
 */
 #define SECCOMP_RET_KILL        0x00000000U /* kill the task immediately */
+#define SECCOMP_RET_TRAP        0x00030000U /* disallow and force a SIGSYS */
 #define SECCOMP_RET_ERRNO       0x00050000U /* returns an errno */
 #define SECCOMP_RET_ALLOW       0x7fff0000U /* allow */
diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index 5f78fb6d2212..9c3830692a08 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -332,6 +332,26 @@ void put_seccomp_filter(struct task_struct *tsk)
                kfree(freeme);
        }
 }
+/**
+ * seccomp_send_sigsys - signals the task to allow in-process syscall emulation
+ * @syscall: syscall number to send to userland
+ * @reason: filter-supplied reason code to send to userland (via si_errno)
+ *
+ * Forces a SIGSYS with a code of SYS_SECCOMP and related sigsys info.
+ */
+static void seccomp_send_sigsys(int syscall, int reason)
+{
+        struct siginfo info;
+        memset(&info, 0, sizeof(info));
+        info.si_signo = SIGSYS;
+        info.si_code = SYS_SECCOMP;
+        info.si_call_addr = (void __user *)KSTK_EIP(current);
+        info.si_errno = reason;
+        info.si_arch = syscall_get_arch(current, task_pt_regs(current));
+        info.si_syscall = syscall;
+        force_sig_info(SIGSYS, &info, current);
+}
 #endif  /* CONFIG_SECCOMP_FILTER */
 /*
@@ -382,6 +402,12 @@ int __secure_computing(int this_syscall)
                        syscall_set_return_value(current, task_pt_regs(current),
                                                 -data, 0);
                        goto skip;
+                case SECCOMP_RET_TRAP:
+                        /* Show the handler the original registers. */
+                        syscall_rollback(current, task_pt_regs(current));
+                        /* Let the filter pass back 16 bits of data. */
+                        seccomp_send_sigsys(this_syscall, data);
+                        goto skip;
                case SECCOMP_RET_ALLOW:
                        return 0;
                case SECCOMP_RET_KILL: