diff options
Diffstat (limited to 'arch')
29 files changed, 181 insertions, 150 deletions
diff --git a/arch/arm/include/asm/kprobes.h b/arch/arm/include/asm/kprobes.h index feec86768f9c..f82ec22eeb11 100644 --- a/arch/arm/include/asm/kprobes.h +++ b/arch/arm/include/asm/kprobes.h | |||
@@ -24,7 +24,6 @@ | |||
24 | #define MAX_INSN_SIZE 2 | 24 | #define MAX_INSN_SIZE 2 |
25 | #define MAX_STACK_SIZE 64 /* 32 would probably be OK */ | 25 | #define MAX_STACK_SIZE 64 /* 32 would probably be OK */ |
26 | 26 | ||
27 | #define regs_return_value(regs) ((regs)->ARM_r0) | ||
28 | #define flush_insn_slot(p) do { } while (0) | 27 | #define flush_insn_slot(p) do { } while (0) |
29 | #define kretprobe_blacklist_size 0 | 28 | #define kretprobe_blacklist_size 0 |
30 | 29 | ||
diff --git a/arch/arm/include/asm/ptrace.h b/arch/arm/include/asm/ptrace.h index 96187ff58c24..451808ba1211 100644 --- a/arch/arm/include/asm/ptrace.h +++ b/arch/arm/include/asm/ptrace.h | |||
@@ -189,6 +189,11 @@ static inline int valid_user_regs(struct pt_regs *regs) | |||
189 | return 0; | 189 | return 0; |
190 | } | 190 | } |
191 | 191 | ||
192 | static inline long regs_return_value(struct pt_regs *regs) | ||
193 | { | ||
194 | return regs->ARM_r0; | ||
195 | } | ||
196 | |||
192 | #define instruction_pointer(regs) (regs)->ARM_pc | 197 | #define instruction_pointer(regs) (regs)->ARM_pc |
193 | 198 | ||
194 | #ifdef CONFIG_SMP | 199 | #ifdef CONFIG_SMP |
diff --git a/arch/arm/include/asm/thread_info.h b/arch/arm/include/asm/thread_info.h index 0f30c3a78fc1..d4c24d412a8d 100644 --- a/arch/arm/include/asm/thread_info.h +++ b/arch/arm/include/asm/thread_info.h | |||
@@ -129,6 +129,7 @@ extern void vfp_flush_hwstate(struct thread_info *); | |||
129 | /* | 129 | /* |
130 | * thread information flags: | 130 | * thread information flags: |
131 | * TIF_SYSCALL_TRACE - syscall trace active | 131 | * TIF_SYSCALL_TRACE - syscall trace active |
132 | * TIF_SYSCAL_AUDIT - syscall auditing active | ||
132 | * TIF_SIGPENDING - signal pending | 133 | * TIF_SIGPENDING - signal pending |
133 | * TIF_NEED_RESCHED - rescheduling necessary | 134 | * TIF_NEED_RESCHED - rescheduling necessary |
134 | * TIF_NOTIFY_RESUME - callback before returning to user | 135 | * TIF_NOTIFY_RESUME - callback before returning to user |
@@ -139,6 +140,7 @@ extern void vfp_flush_hwstate(struct thread_info *); | |||
139 | #define TIF_NEED_RESCHED 1 | 140 | #define TIF_NEED_RESCHED 1 |
140 | #define TIF_NOTIFY_RESUME 2 /* callback before returning to user */ | 141 | #define TIF_NOTIFY_RESUME 2 /* callback before returning to user */ |
141 | #define TIF_SYSCALL_TRACE 8 | 142 | #define TIF_SYSCALL_TRACE 8 |
143 | #define TIF_SYSCALL_AUDIT 9 | ||
142 | #define TIF_POLLING_NRFLAG 16 | 144 | #define TIF_POLLING_NRFLAG 16 |
143 | #define TIF_USING_IWMMXT 17 | 145 | #define TIF_USING_IWMMXT 17 |
144 | #define TIF_MEMDIE 18 /* is terminating due to OOM killer */ | 146 | #define TIF_MEMDIE 18 /* is terminating due to OOM killer */ |
@@ -149,11 +151,15 @@ extern void vfp_flush_hwstate(struct thread_info *); | |||
149 | #define _TIF_NEED_RESCHED (1 << TIF_NEED_RESCHED) | 151 | #define _TIF_NEED_RESCHED (1 << TIF_NEED_RESCHED) |
150 | #define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME) | 152 | #define _TIF_NOTIFY_RESUME (1 << TIF_NOTIFY_RESUME) |
151 | #define _TIF_SYSCALL_TRACE (1 << TIF_SYSCALL_TRACE) | 153 | #define _TIF_SYSCALL_TRACE (1 << TIF_SYSCALL_TRACE) |
154 | #define _TIF_SYSCALL_AUDIT (1 << TIF_SYSCALL_AUDIT) | ||
152 | #define _TIF_POLLING_NRFLAG (1 << TIF_POLLING_NRFLAG) | 155 | #define _TIF_POLLING_NRFLAG (1 << TIF_POLLING_NRFLAG) |
153 | #define _TIF_USING_IWMMXT (1 << TIF_USING_IWMMXT) | 156 | #define _TIF_USING_IWMMXT (1 << TIF_USING_IWMMXT) |
154 | #define _TIF_RESTORE_SIGMASK (1 << TIF_RESTORE_SIGMASK) | 157 | #define _TIF_RESTORE_SIGMASK (1 << TIF_RESTORE_SIGMASK) |
155 | #define _TIF_SECCOMP (1 << TIF_SECCOMP) | 158 | #define _TIF_SECCOMP (1 << TIF_SECCOMP) |
156 | 159 | ||
160 | /* Checks for any syscall work in entry-common.S */ | ||
161 | #define _TIF_SYSCALL_WORK (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT) | ||
162 | |||
157 | /* | 163 | /* |
158 | * Change these and you break ASM code in entry-common.S | 164 | * Change these and you break ASM code in entry-common.S |
159 | */ | 165 | */ |
diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S index b2a27b6b0046..520889cf1b5b 100644 --- a/arch/arm/kernel/entry-common.S +++ b/arch/arm/kernel/entry-common.S | |||
@@ -87,7 +87,7 @@ ENTRY(ret_from_fork) | |||
87 | get_thread_info tsk | 87 | get_thread_info tsk |
88 | ldr r1, [tsk, #TI_FLAGS] @ check for syscall tracing | 88 | ldr r1, [tsk, #TI_FLAGS] @ check for syscall tracing |
89 | mov why, #1 | 89 | mov why, #1 |
90 | tst r1, #_TIF_SYSCALL_TRACE @ are we tracing syscalls? | 90 | tst r1, #_TIF_SYSCALL_WORK @ are we tracing syscalls? |
91 | beq ret_slow_syscall | 91 | beq ret_slow_syscall |
92 | mov r1, sp | 92 | mov r1, sp |
93 | mov r0, #1 @ trace exit [IP = 1] | 93 | mov r0, #1 @ trace exit [IP = 1] |
@@ -443,7 +443,7 @@ ENTRY(vector_swi) | |||
443 | 1: | 443 | 1: |
444 | #endif | 444 | #endif |
445 | 445 | ||
446 | tst r10, #_TIF_SYSCALL_TRACE @ are we tracing syscalls? | 446 | tst r10, #_TIF_SYSCALL_WORK @ are we tracing syscalls? |
447 | bne __sys_trace | 447 | bne __sys_trace |
448 | 448 | ||
449 | cmp scno, #NR_syscalls @ check upper syscall limit | 449 | cmp scno, #NR_syscalls @ check upper syscall limit |
diff --git a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c index 483727ad6892..e1d5e1929fbd 100644 --- a/arch/arm/kernel/ptrace.c +++ b/arch/arm/kernel/ptrace.c | |||
@@ -906,11 +906,6 @@ asmlinkage int syscall_trace(int why, struct pt_regs *regs, int scno) | |||
906 | { | 906 | { |
907 | unsigned long ip; | 907 | unsigned long ip; |
908 | 908 | ||
909 | if (!test_thread_flag(TIF_SYSCALL_TRACE)) | ||
910 | return scno; | ||
911 | if (!(current->ptrace & PT_PTRACED)) | ||
912 | return scno; | ||
913 | |||
914 | /* | 909 | /* |
915 | * Save IP. IP is used to denote syscall entry/exit: | 910 | * Save IP. IP is used to denote syscall entry/exit: |
916 | * IP = 0 -> entry, = 1 -> exit | 911 | * IP = 0 -> entry, = 1 -> exit |
@@ -918,6 +913,17 @@ asmlinkage int syscall_trace(int why, struct pt_regs *regs, int scno) | |||
918 | ip = regs->ARM_ip; | 913 | ip = regs->ARM_ip; |
919 | regs->ARM_ip = why; | 914 | regs->ARM_ip = why; |
920 | 915 | ||
916 | if (!ip) | ||
917 | audit_syscall_exit(regs); | ||
918 | else | ||
919 | audit_syscall_entry(AUDIT_ARCH_ARMEB, scno, regs->ARM_r0, | ||
920 | regs->ARM_r1, regs->ARM_r2, regs->ARM_r3); | ||
921 | |||
922 | if (!test_thread_flag(TIF_SYSCALL_TRACE)) | ||
923 | return scno; | ||
924 | if (!(current->ptrace & PT_PTRACED)) | ||
925 | return scno; | ||
926 | |||
921 | current_thread_info()->syscall = scno; | 927 | current_thread_info()->syscall = scno; |
922 | 928 | ||
923 | /* the 0x80 provides a way for the tracing parent to distinguish | 929 | /* the 0x80 provides a way for the tracing parent to distinguish |
diff --git a/arch/ia64/include/asm/ptrace.h b/arch/ia64/include/asm/ptrace.h index f5cb27614e35..68c98f5b3ca6 100644 --- a/arch/ia64/include/asm/ptrace.h +++ b/arch/ia64/include/asm/ptrace.h | |||
@@ -246,7 +246,18 @@ static inline unsigned long user_stack_pointer(struct pt_regs *regs) | |||
246 | return regs->ar_bspstore; | 246 | return regs->ar_bspstore; |
247 | } | 247 | } |
248 | 248 | ||
249 | #define regs_return_value(regs) ((regs)->r8) | 249 | static inline int is_syscall_success(struct pt_regs *regs) |
250 | { | ||
251 | return regs->r10 != -1; | ||
252 | } | ||
253 | |||
254 | static inline long regs_return_value(struct pt_regs *regs) | ||
255 | { | ||
256 | if (is_syscall_success(regs)) | ||
257 | return regs->r8; | ||
258 | else | ||
259 | return -regs->r8; | ||
260 | } | ||
250 | 261 | ||
251 | /* Conserve space in histogram by encoding slot bits in address | 262 | /* Conserve space in histogram by encoding slot bits in address |
252 | * bits 2 and 3 rather than bits 0 and 1. | 263 | * bits 2 and 3 rather than bits 0 and 1. |
diff --git a/arch/ia64/kernel/ptrace.c b/arch/ia64/kernel/ptrace.c index 8848f43d819e..dad91661ddf9 100644 --- a/arch/ia64/kernel/ptrace.c +++ b/arch/ia64/kernel/ptrace.c | |||
@@ -1246,15 +1246,8 @@ syscall_trace_enter (long arg0, long arg1, long arg2, long arg3, | |||
1246 | if (test_thread_flag(TIF_RESTORE_RSE)) | 1246 | if (test_thread_flag(TIF_RESTORE_RSE)) |
1247 | ia64_sync_krbs(); | 1247 | ia64_sync_krbs(); |
1248 | 1248 | ||
1249 | if (unlikely(current->audit_context)) { | ||
1250 | long syscall; | ||
1251 | int arch; | ||
1252 | 1249 | ||
1253 | syscall = regs.r15; | 1250 | audit_syscall_entry(AUDIT_ARCH_IA64, regs.r15, arg0, arg1, arg2, arg3); |
1254 | arch = AUDIT_ARCH_IA64; | ||
1255 | |||
1256 | audit_syscall_entry(arch, syscall, arg0, arg1, arg2, arg3); | ||
1257 | } | ||
1258 | 1251 | ||
1259 | return 0; | 1252 | return 0; |
1260 | } | 1253 | } |
@@ -1268,14 +1261,7 @@ syscall_trace_leave (long arg0, long arg1, long arg2, long arg3, | |||
1268 | { | 1261 | { |
1269 | int step; | 1262 | int step; |
1270 | 1263 | ||
1271 | if (unlikely(current->audit_context)) { | 1264 | audit_syscall_exit(®s); |
1272 | int success = AUDITSC_RESULT(regs.r10); | ||
1273 | long result = regs.r8; | ||
1274 | |||
1275 | if (success != AUDITSC_SUCCESS) | ||
1276 | result = -result; | ||
1277 | audit_syscall_exit(success, result); | ||
1278 | } | ||
1279 | 1265 | ||
1280 | step = test_thread_flag(TIF_SINGLESTEP); | 1266 | step = test_thread_flag(TIF_SINGLESTEP); |
1281 | if (step || test_thread_flag(TIF_SYSCALL_TRACE)) | 1267 | if (step || test_thread_flag(TIF_SYSCALL_TRACE)) |
diff --git a/arch/microblaze/include/asm/ptrace.h b/arch/microblaze/include/asm/ptrace.h index 816bee64b196..94e92c805859 100644 --- a/arch/microblaze/include/asm/ptrace.h +++ b/arch/microblaze/include/asm/ptrace.h | |||
@@ -61,6 +61,11 @@ struct pt_regs { | |||
61 | #define instruction_pointer(regs) ((regs)->pc) | 61 | #define instruction_pointer(regs) ((regs)->pc) |
62 | #define profile_pc(regs) instruction_pointer(regs) | 62 | #define profile_pc(regs) instruction_pointer(regs) |
63 | 63 | ||
64 | static inline long regs_return_value(struct pt_regs *regs) | ||
65 | { | ||
66 | return regs->r3; | ||
67 | } | ||
68 | |||
64 | #else /* __KERNEL__ */ | 69 | #else /* __KERNEL__ */ |
65 | 70 | ||
66 | /* pt_regs offsets used by gdbserver etc in ptrace syscalls */ | 71 | /* pt_regs offsets used by gdbserver etc in ptrace syscalls */ |
diff --git a/arch/microblaze/kernel/ptrace.c b/arch/microblaze/kernel/ptrace.c index 043cb58f9c44..6eb2aa927d89 100644 --- a/arch/microblaze/kernel/ptrace.c +++ b/arch/microblaze/kernel/ptrace.c | |||
@@ -147,10 +147,8 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs) | |||
147 | */ | 147 | */ |
148 | ret = -1L; | 148 | ret = -1L; |
149 | 149 | ||
150 | if (unlikely(current->audit_context)) | 150 | audit_syscall_entry(EM_MICROBLAZE, regs->r12, regs->r5, regs->r6, |
151 | audit_syscall_entry(EM_MICROBLAZE, regs->r12, | 151 | regs->r7, regs->r8); |
152 | regs->r5, regs->r6, | ||
153 | regs->r7, regs->r8); | ||
154 | 152 | ||
155 | return ret ?: regs->r12; | 153 | return ret ?: regs->r12; |
156 | } | 154 | } |
@@ -159,8 +157,7 @@ asmlinkage void do_syscall_trace_leave(struct pt_regs *regs) | |||
159 | { | 157 | { |
160 | int step; | 158 | int step; |
161 | 159 | ||
162 | if (unlikely(current->audit_context)) | 160 | audit_syscall_exit(regs); |
163 | audit_syscall_exit(AUDITSC_RESULT(regs->r3), regs->r3); | ||
164 | 161 | ||
165 | step = test_thread_flag(TIF_SINGLESTEP); | 162 | step = test_thread_flag(TIF_SINGLESTEP); |
166 | if (step || test_thread_flag(TIF_SYSCALL_TRACE)) | 163 | if (step || test_thread_flag(TIF_SYSCALL_TRACE)) |
diff --git a/arch/mips/include/asm/ptrace.h b/arch/mips/include/asm/ptrace.h index 7b99c670e478..4b7f5252d2fd 100644 --- a/arch/mips/include/asm/ptrace.h +++ b/arch/mips/include/asm/ptrace.h | |||
@@ -137,7 +137,19 @@ extern int ptrace_set_watch_regs(struct task_struct *child, | |||
137 | */ | 137 | */ |
138 | #define user_mode(regs) (((regs)->cp0_status & KU_MASK) == KU_USER) | 138 | #define user_mode(regs) (((regs)->cp0_status & KU_MASK) == KU_USER) |
139 | 139 | ||
140 | #define regs_return_value(_regs) ((_regs)->regs[2]) | 140 | static inline int is_syscall_success(struct pt_regs *regs) |
141 | { | ||
142 | return !regs->regs[7]; | ||
143 | } | ||
144 | |||
145 | static inline long regs_return_value(struct pt_regs *regs) | ||
146 | { | ||
147 | if (is_syscall_success(regs)) | ||
148 | return regs->regs[2]; | ||
149 | else | ||
150 | return -regs->regs[2]; | ||
151 | } | ||
152 | |||
141 | #define instruction_pointer(regs) ((regs)->cp0_epc) | 153 | #define instruction_pointer(regs) ((regs)->cp0_epc) |
142 | #define profile_pc(regs) instruction_pointer(regs) | 154 | #define profile_pc(regs) instruction_pointer(regs) |
143 | 155 | ||
diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c index 4e6ea1ffad46..7786b608d932 100644 --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c | |||
@@ -560,10 +560,9 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs) | |||
560 | } | 560 | } |
561 | 561 | ||
562 | out: | 562 | out: |
563 | if (unlikely(current->audit_context)) | 563 | audit_syscall_entry(audit_arch(), regs->regs[2], |
564 | audit_syscall_entry(audit_arch(), regs->regs[2], | 564 | regs->regs[4], regs->regs[5], |
565 | regs->regs[4], regs->regs[5], | 565 | regs->regs[6], regs->regs[7]); |
566 | regs->regs[6], regs->regs[7]); | ||
567 | } | 566 | } |
568 | 567 | ||
569 | /* | 568 | /* |
@@ -572,9 +571,7 @@ out: | |||
572 | */ | 571 | */ |
573 | asmlinkage void syscall_trace_leave(struct pt_regs *regs) | 572 | asmlinkage void syscall_trace_leave(struct pt_regs *regs) |
574 | { | 573 | { |
575 | if (unlikely(current->audit_context)) | 574 | audit_syscall_exit(regs); |
576 | audit_syscall_exit(AUDITSC_RESULT(regs->regs[7]), | ||
577 | -regs->regs[2]); | ||
578 | 575 | ||
579 | if (!(current->ptrace & PT_PTRACED)) | 576 | if (!(current->ptrace & PT_PTRACED)) |
580 | return; | 577 | return; |
diff --git a/arch/powerpc/include/asm/ptrace.h b/arch/powerpc/include/asm/ptrace.h index 48223f9b8728..78a205162fd7 100644 --- a/arch/powerpc/include/asm/ptrace.h +++ b/arch/powerpc/include/asm/ptrace.h | |||
@@ -86,7 +86,18 @@ struct pt_regs { | |||
86 | #define instruction_pointer(regs) ((regs)->nip) | 86 | #define instruction_pointer(regs) ((regs)->nip) |
87 | #define user_stack_pointer(regs) ((regs)->gpr[1]) | 87 | #define user_stack_pointer(regs) ((regs)->gpr[1]) |
88 | #define kernel_stack_pointer(regs) ((regs)->gpr[1]) | 88 | #define kernel_stack_pointer(regs) ((regs)->gpr[1]) |
89 | #define regs_return_value(regs) ((regs)->gpr[3]) | 89 | static inline int is_syscall_success(struct pt_regs *regs) |
90 | { | ||
91 | return !(regs->ccr & 0x10000000); | ||
92 | } | ||
93 | |||
94 | static inline long regs_return_value(struct pt_regs *regs) | ||
95 | { | ||
96 | if (is_syscall_success(regs)) | ||
97 | return regs->gpr[3]; | ||
98 | else | ||
99 | return -regs->gpr[3]; | ||
100 | } | ||
90 | 101 | ||
91 | #ifdef CONFIG_SMP | 102 | #ifdef CONFIG_SMP |
92 | extern unsigned long profile_pc(struct pt_regs *regs); | 103 | extern unsigned long profile_pc(struct pt_regs *regs); |
diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c index 5de73dbd15c7..5b43325402bc 100644 --- a/arch/powerpc/kernel/ptrace.c +++ b/arch/powerpc/kernel/ptrace.c | |||
@@ -1724,22 +1724,20 @@ long do_syscall_trace_enter(struct pt_regs *regs) | |||
1724 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 1724 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
1725 | trace_sys_enter(regs, regs->gpr[0]); | 1725 | trace_sys_enter(regs, regs->gpr[0]); |
1726 | 1726 | ||
1727 | if (unlikely(current->audit_context)) { | ||
1728 | #ifdef CONFIG_PPC64 | 1727 | #ifdef CONFIG_PPC64 |
1729 | if (!is_32bit_task()) | 1728 | if (!is_32bit_task()) |
1730 | audit_syscall_entry(AUDIT_ARCH_PPC64, | 1729 | audit_syscall_entry(AUDIT_ARCH_PPC64, |
1731 | regs->gpr[0], | 1730 | regs->gpr[0], |
1732 | regs->gpr[3], regs->gpr[4], | 1731 | regs->gpr[3], regs->gpr[4], |
1733 | regs->gpr[5], regs->gpr[6]); | 1732 | regs->gpr[5], regs->gpr[6]); |
1734 | else | 1733 | else |
1735 | #endif | 1734 | #endif |
1736 | audit_syscall_entry(AUDIT_ARCH_PPC, | 1735 | audit_syscall_entry(AUDIT_ARCH_PPC, |
1737 | regs->gpr[0], | 1736 | regs->gpr[0], |
1738 | regs->gpr[3] & 0xffffffff, | 1737 | regs->gpr[3] & 0xffffffff, |
1739 | regs->gpr[4] & 0xffffffff, | 1738 | regs->gpr[4] & 0xffffffff, |
1740 | regs->gpr[5] & 0xffffffff, | 1739 | regs->gpr[5] & 0xffffffff, |
1741 | regs->gpr[6] & 0xffffffff); | 1740 | regs->gpr[6] & 0xffffffff); |
1742 | } | ||
1743 | 1741 | ||
1744 | return ret ?: regs->gpr[0]; | 1742 | return ret ?: regs->gpr[0]; |
1745 | } | 1743 | } |
@@ -1748,9 +1746,7 @@ void do_syscall_trace_leave(struct pt_regs *regs) | |||
1748 | { | 1746 | { |
1749 | int step; | 1747 | int step; |
1750 | 1748 | ||
1751 | if (unlikely(current->audit_context)) | 1749 | audit_syscall_exit(regs); |
1752 | audit_syscall_exit((regs->ccr&0x10000000)?AUDITSC_FAILURE:AUDITSC_SUCCESS, | ||
1753 | regs->result); | ||
1754 | 1750 | ||
1755 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 1751 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
1756 | trace_sys_exit(regs, regs->result); | 1752 | trace_sys_exit(regs, regs->result); |
diff --git a/arch/s390/include/asm/ptrace.h b/arch/s390/include/asm/ptrace.h index 56da355678f4..aeb77f017985 100644 --- a/arch/s390/include/asm/ptrace.h +++ b/arch/s390/include/asm/ptrace.h | |||
@@ -541,9 +541,13 @@ struct user_regs_struct | |||
541 | #define user_mode(regs) (((regs)->psw.mask & PSW_MASK_PSTATE) != 0) | 541 | #define user_mode(regs) (((regs)->psw.mask & PSW_MASK_PSTATE) != 0) |
542 | #define instruction_pointer(regs) ((regs)->psw.addr & PSW_ADDR_INSN) | 542 | #define instruction_pointer(regs) ((regs)->psw.addr & PSW_ADDR_INSN) |
543 | #define user_stack_pointer(regs)((regs)->gprs[15]) | 543 | #define user_stack_pointer(regs)((regs)->gprs[15]) |
544 | #define regs_return_value(regs)((regs)->gprs[2]) | ||
545 | #define profile_pc(regs) instruction_pointer(regs) | 544 | #define profile_pc(regs) instruction_pointer(regs) |
546 | 545 | ||
546 | static inline long regs_return_value(struct pt_regs *regs) | ||
547 | { | ||
548 | return regs->gprs[2]; | ||
549 | } | ||
550 | |||
547 | int regs_query_register_offset(const char *name); | 551 | int regs_query_register_offset(const char *name); |
548 | const char *regs_query_register_name(unsigned int offset); | 552 | const char *regs_query_register_name(unsigned int offset); |
549 | unsigned long regs_get_register(struct pt_regs *regs, unsigned int offset); | 553 | unsigned long regs_get_register(struct pt_regs *regs, unsigned int offset); |
diff --git a/arch/s390/kernel/ptrace.c b/arch/s390/kernel/ptrace.c index 573bc29551ef..9d82ed4bcb27 100644 --- a/arch/s390/kernel/ptrace.c +++ b/arch/s390/kernel/ptrace.c | |||
@@ -740,20 +740,17 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs) | |||
740 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 740 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
741 | trace_sys_enter(regs, regs->gprs[2]); | 741 | trace_sys_enter(regs, regs->gprs[2]); |
742 | 742 | ||
743 | if (unlikely(current->audit_context)) | 743 | audit_syscall_entry(is_compat_task() ? |
744 | audit_syscall_entry(is_compat_task() ? | 744 | AUDIT_ARCH_S390 : AUDIT_ARCH_S390X, |
745 | AUDIT_ARCH_S390 : AUDIT_ARCH_S390X, | 745 | regs->gprs[2], regs->orig_gpr2, |
746 | regs->gprs[2], regs->orig_gpr2, | 746 | regs->gprs[3], regs->gprs[4], |
747 | regs->gprs[3], regs->gprs[4], | 747 | regs->gprs[5]); |
748 | regs->gprs[5]); | ||
749 | return ret ?: regs->gprs[2]; | 748 | return ret ?: regs->gprs[2]; |
750 | } | 749 | } |
751 | 750 | ||
752 | asmlinkage void do_syscall_trace_exit(struct pt_regs *regs) | 751 | asmlinkage void do_syscall_trace_exit(struct pt_regs *regs) |
753 | { | 752 | { |
754 | if (unlikely(current->audit_context)) | 753 | audit_syscall_exit(regs); |
755 | audit_syscall_exit(AUDITSC_RESULT(regs->gprs[2]), | ||
756 | regs->gprs[2]); | ||
757 | 754 | ||
758 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 755 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
759 | trace_sys_exit(regs, regs->gprs[2]); | 756 | trace_sys_exit(regs, regs->gprs[2]); |
diff --git a/arch/sh/include/asm/ptrace_32.h b/arch/sh/include/asm/ptrace_32.h index 6c2239cca1a2..2d3e906aa722 100644 --- a/arch/sh/include/asm/ptrace_32.h +++ b/arch/sh/include/asm/ptrace_32.h | |||
@@ -76,7 +76,10 @@ struct pt_dspregs { | |||
76 | #ifdef __KERNEL__ | 76 | #ifdef __KERNEL__ |
77 | 77 | ||
78 | #define MAX_REG_OFFSET offsetof(struct pt_regs, tra) | 78 | #define MAX_REG_OFFSET offsetof(struct pt_regs, tra) |
79 | #define regs_return_value(_regs) ((_regs)->regs[0]) | 79 | static inline long regs_return_value(struct pt_regs *regs) |
80 | { | ||
81 | return regs->regs[0]; | ||
82 | } | ||
80 | 83 | ||
81 | #endif /* __KERNEL__ */ | 84 | #endif /* __KERNEL__ */ |
82 | 85 | ||
diff --git a/arch/sh/include/asm/ptrace_64.h b/arch/sh/include/asm/ptrace_64.h index bf9be7764d69..eb3fcceaf64b 100644 --- a/arch/sh/include/asm/ptrace_64.h +++ b/arch/sh/include/asm/ptrace_64.h | |||
@@ -13,7 +13,10 @@ struct pt_regs { | |||
13 | #ifdef __KERNEL__ | 13 | #ifdef __KERNEL__ |
14 | 14 | ||
15 | #define MAX_REG_OFFSET offsetof(struct pt_regs, tregs[7]) | 15 | #define MAX_REG_OFFSET offsetof(struct pt_regs, tregs[7]) |
16 | #define regs_return_value(_regs) ((_regs)->regs[3]) | 16 | static inline long regs_return_value(struct pt_regs *regs) |
17 | { | ||
18 | return regs->regs[3]; | ||
19 | } | ||
17 | 20 | ||
18 | #endif /* __KERNEL__ */ | 21 | #endif /* __KERNEL__ */ |
19 | 22 | ||
diff --git a/arch/sh/kernel/ptrace_32.c b/arch/sh/kernel/ptrace_32.c index 92b3c276339a..a3e651563763 100644 --- a/arch/sh/kernel/ptrace_32.c +++ b/arch/sh/kernel/ptrace_32.c | |||
@@ -518,10 +518,9 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs) | |||
518 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 518 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
519 | trace_sys_enter(regs, regs->regs[0]); | 519 | trace_sys_enter(regs, regs->regs[0]); |
520 | 520 | ||
521 | if (unlikely(current->audit_context)) | 521 | audit_syscall_entry(audit_arch(), regs->regs[3], |
522 | audit_syscall_entry(audit_arch(), regs->regs[3], | 522 | regs->regs[4], regs->regs[5], |
523 | regs->regs[4], regs->regs[5], | 523 | regs->regs[6], regs->regs[7]); |
524 | regs->regs[6], regs->regs[7]); | ||
525 | 524 | ||
526 | return ret ?: regs->regs[0]; | 525 | return ret ?: regs->regs[0]; |
527 | } | 526 | } |
@@ -530,9 +529,7 @@ asmlinkage void do_syscall_trace_leave(struct pt_regs *regs) | |||
530 | { | 529 | { |
531 | int step; | 530 | int step; |
532 | 531 | ||
533 | if (unlikely(current->audit_context)) | 532 | audit_syscall_exit(regs); |
534 | audit_syscall_exit(AUDITSC_RESULT(regs->regs[0]), | ||
535 | regs->regs[0]); | ||
536 | 533 | ||
537 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 534 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
538 | trace_sys_exit(regs, regs->regs[0]); | 535 | trace_sys_exit(regs, regs->regs[0]); |
diff --git a/arch/sh/kernel/ptrace_64.c b/arch/sh/kernel/ptrace_64.c index c8f97649f354..3d0080b5c976 100644 --- a/arch/sh/kernel/ptrace_64.c +++ b/arch/sh/kernel/ptrace_64.c | |||
@@ -536,10 +536,9 @@ asmlinkage long long do_syscall_trace_enter(struct pt_regs *regs) | |||
536 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 536 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
537 | trace_sys_enter(regs, regs->regs[9]); | 537 | trace_sys_enter(regs, regs->regs[9]); |
538 | 538 | ||
539 | if (unlikely(current->audit_context)) | 539 | audit_syscall_entry(audit_arch(), regs->regs[1], |
540 | audit_syscall_entry(audit_arch(), regs->regs[1], | 540 | regs->regs[2], regs->regs[3], |
541 | regs->regs[2], regs->regs[3], | 541 | regs->regs[4], regs->regs[5]); |
542 | regs->regs[4], regs->regs[5]); | ||
543 | 542 | ||
544 | return ret ?: regs->regs[9]; | 543 | return ret ?: regs->regs[9]; |
545 | } | 544 | } |
@@ -548,9 +547,7 @@ asmlinkage void do_syscall_trace_leave(struct pt_regs *regs) | |||
548 | { | 547 | { |
549 | int step; | 548 | int step; |
550 | 549 | ||
551 | if (unlikely(current->audit_context)) | 550 | audit_syscall_exit(regs); |
552 | audit_syscall_exit(AUDITSC_RESULT(regs->regs[9]), | ||
553 | regs->regs[9]); | ||
554 | 551 | ||
555 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 552 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
556 | trace_sys_exit(regs, regs->regs[9]); | 553 | trace_sys_exit(regs, regs->regs[9]); |
diff --git a/arch/sparc/include/asm/ptrace.h b/arch/sparc/include/asm/ptrace.h index a0e1bcf843a1..c00c3b5c2806 100644 --- a/arch/sparc/include/asm/ptrace.h +++ b/arch/sparc/include/asm/ptrace.h | |||
@@ -207,7 +207,15 @@ do { current_thread_info()->syscall_noerror = 1; \ | |||
207 | #define instruction_pointer(regs) ((regs)->tpc) | 207 | #define instruction_pointer(regs) ((regs)->tpc) |
208 | #define instruction_pointer_set(regs, val) ((regs)->tpc = (val)) | 208 | #define instruction_pointer_set(regs, val) ((regs)->tpc = (val)) |
209 | #define user_stack_pointer(regs) ((regs)->u_regs[UREG_FP]) | 209 | #define user_stack_pointer(regs) ((regs)->u_regs[UREG_FP]) |
210 | #define regs_return_value(regs) ((regs)->u_regs[UREG_I0]) | 210 | static inline int is_syscall_success(struct pt_regs *regs) |
211 | { | ||
212 | return !(regs->tstate & (TSTATE_XCARRY | TSTATE_ICARRY)); | ||
213 | } | ||
214 | |||
215 | static inline long regs_return_value(struct pt_regs *regs) | ||
216 | { | ||
217 | return regs->u_regs[UREG_I0]; | ||
218 | } | ||
211 | #ifdef CONFIG_SMP | 219 | #ifdef CONFIG_SMP |
212 | extern unsigned long profile_pc(struct pt_regs *); | 220 | extern unsigned long profile_pc(struct pt_regs *); |
213 | #else | 221 | #else |
diff --git a/arch/sparc/kernel/ptrace_64.c b/arch/sparc/kernel/ptrace_64.c index 96ee50a80661..9388844cd88c 100644 --- a/arch/sparc/kernel/ptrace_64.c +++ b/arch/sparc/kernel/ptrace_64.c | |||
@@ -1071,32 +1071,22 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs) | |||
1071 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 1071 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
1072 | trace_sys_enter(regs, regs->u_regs[UREG_G1]); | 1072 | trace_sys_enter(regs, regs->u_regs[UREG_G1]); |
1073 | 1073 | ||
1074 | if (unlikely(current->audit_context) && !ret) | 1074 | audit_syscall_entry((test_thread_flag(TIF_32BIT) ? |
1075 | audit_syscall_entry((test_thread_flag(TIF_32BIT) ? | 1075 | AUDIT_ARCH_SPARC : |
1076 | AUDIT_ARCH_SPARC : | 1076 | AUDIT_ARCH_SPARC64), |
1077 | AUDIT_ARCH_SPARC64), | 1077 | regs->u_regs[UREG_G1], |
1078 | regs->u_regs[UREG_G1], | 1078 | regs->u_regs[UREG_I0], |
1079 | regs->u_regs[UREG_I0], | 1079 | regs->u_regs[UREG_I1], |
1080 | regs->u_regs[UREG_I1], | 1080 | regs->u_regs[UREG_I2], |
1081 | regs->u_regs[UREG_I2], | 1081 | regs->u_regs[UREG_I3]); |
1082 | regs->u_regs[UREG_I3]); | ||
1083 | 1082 | ||
1084 | return ret; | 1083 | return ret; |
1085 | } | 1084 | } |
1086 | 1085 | ||
1087 | asmlinkage void syscall_trace_leave(struct pt_regs *regs) | 1086 | asmlinkage void syscall_trace_leave(struct pt_regs *regs) |
1088 | { | 1087 | { |
1089 | #ifdef CONFIG_AUDITSYSCALL | 1088 | audit_syscall_exit(regs); |
1090 | if (unlikely(current->audit_context)) { | ||
1091 | unsigned long tstate = regs->tstate; | ||
1092 | int result = AUDITSC_SUCCESS; | ||
1093 | 1089 | ||
1094 | if (unlikely(tstate & (TSTATE_XCARRY | TSTATE_ICARRY))) | ||
1095 | result = AUDITSC_FAILURE; | ||
1096 | |||
1097 | audit_syscall_exit(result, regs->u_regs[UREG_I0]); | ||
1098 | } | ||
1099 | #endif | ||
1100 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 1090 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
1101 | trace_sys_exit(regs, regs->u_regs[UREG_G1]); | 1091 | trace_sys_exit(regs, regs->u_regs[UREG_G1]); |
1102 | 1092 | ||
diff --git a/arch/um/kernel/ptrace.c b/arch/um/kernel/ptrace.c index c9da32b0c707..06b190390505 100644 --- a/arch/um/kernel/ptrace.c +++ b/arch/um/kernel/ptrace.c | |||
@@ -167,17 +167,15 @@ void syscall_trace(struct uml_pt_regs *regs, int entryexit) | |||
167 | int is_singlestep = (current->ptrace & PT_DTRACE) && entryexit; | 167 | int is_singlestep = (current->ptrace & PT_DTRACE) && entryexit; |
168 | int tracesysgood; | 168 | int tracesysgood; |
169 | 169 | ||
170 | if (unlikely(current->audit_context)) { | 170 | if (!entryexit) |
171 | if (!entryexit) | 171 | audit_syscall_entry(HOST_AUDIT_ARCH, |
172 | audit_syscall_entry(HOST_AUDIT_ARCH, | 172 | UPT_SYSCALL_NR(regs), |
173 | UPT_SYSCALL_NR(regs), | 173 | UPT_SYSCALL_ARG1(regs), |
174 | UPT_SYSCALL_ARG1(regs), | 174 | UPT_SYSCALL_ARG2(regs), |
175 | UPT_SYSCALL_ARG2(regs), | 175 | UPT_SYSCALL_ARG3(regs), |
176 | UPT_SYSCALL_ARG3(regs), | 176 | UPT_SYSCALL_ARG4(regs)); |
177 | UPT_SYSCALL_ARG4(regs)); | 177 | else |
178 | else audit_syscall_exit(AUDITSC_RESULT(UPT_SYSCALL_RET(regs)), | 178 | audit_syscall_exit(regs); |
179 | UPT_SYSCALL_RET(regs)); | ||
180 | } | ||
181 | 179 | ||
182 | /* Fake a debug trap */ | 180 | /* Fake a debug trap */ |
183 | if (is_singlestep) | 181 | if (is_singlestep) |
diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S index 1106261856c8..e3e734005e19 100644 --- a/arch/x86/ia32/ia32entry.S +++ b/arch/x86/ia32/ia32entry.S | |||
@@ -14,6 +14,7 @@ | |||
14 | #include <asm/segment.h> | 14 | #include <asm/segment.h> |
15 | #include <asm/irqflags.h> | 15 | #include <asm/irqflags.h> |
16 | #include <linux/linkage.h> | 16 | #include <linux/linkage.h> |
17 | #include <linux/err.h> | ||
17 | 18 | ||
18 | /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */ | 19 | /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */ |
19 | #include <linux/elf-em.h> | 20 | #include <linux/elf-em.h> |
@@ -189,7 +190,7 @@ sysexit_from_sys_call: | |||
189 | movl %ebx,%edx /* 3rd arg: 1st syscall arg */ | 190 | movl %ebx,%edx /* 3rd arg: 1st syscall arg */ |
190 | movl %eax,%esi /* 2nd arg: syscall number */ | 191 | movl %eax,%esi /* 2nd arg: syscall number */ |
191 | movl $AUDIT_ARCH_I386,%edi /* 1st arg: audit arch */ | 192 | movl $AUDIT_ARCH_I386,%edi /* 1st arg: audit arch */ |
192 | call audit_syscall_entry | 193 | call __audit_syscall_entry |
193 | movl RAX-ARGOFFSET(%rsp),%eax /* reload syscall number */ | 194 | movl RAX-ARGOFFSET(%rsp),%eax /* reload syscall number */ |
194 | cmpq $(IA32_NR_syscalls-1),%rax | 195 | cmpq $(IA32_NR_syscalls-1),%rax |
195 | ja ia32_badsys | 196 | ja ia32_badsys |
@@ -206,12 +207,13 @@ sysexit_from_sys_call: | |||
206 | TRACE_IRQS_ON | 207 | TRACE_IRQS_ON |
207 | sti | 208 | sti |
208 | movl %eax,%esi /* second arg, syscall return value */ | 209 | movl %eax,%esi /* second arg, syscall return value */ |
209 | cmpl $0,%eax /* is it < 0? */ | 210 | cmpl $-MAX_ERRNO,%eax /* is it an error ? */ |
210 | setl %al /* 1 if so, 0 if not */ | 211 | jbe 1f |
212 | movslq %eax, %rsi /* if error sign extend to 64 bits */ | ||
213 | 1: setbe %al /* 1 if error, 0 if not */ | ||
211 | movzbl %al,%edi /* zero-extend that into %edi */ | 214 | movzbl %al,%edi /* zero-extend that into %edi */ |
212 | inc %edi /* first arg, 0->1(AUDITSC_SUCCESS), 1->2(AUDITSC_FAILURE) */ | 215 | call __audit_syscall_exit |
213 | call audit_syscall_exit | 216 | movq RAX-ARGOFFSET(%rsp),%rax /* reload syscall return value */ |
214 | movl RAX-ARGOFFSET(%rsp),%eax /* reload syscall return value */ | ||
215 | movl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),%edi | 217 | movl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),%edi |
216 | cli | 218 | cli |
217 | TRACE_IRQS_OFF | 219 | TRACE_IRQS_OFF |
diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S index 4af9fd2450a5..79d97e68f042 100644 --- a/arch/x86/kernel/entry_32.S +++ b/arch/x86/kernel/entry_32.S | |||
@@ -42,6 +42,7 @@ | |||
42 | */ | 42 | */ |
43 | 43 | ||
44 | #include <linux/linkage.h> | 44 | #include <linux/linkage.h> |
45 | #include <linux/err.h> | ||
45 | #include <asm/thread_info.h> | 46 | #include <asm/thread_info.h> |
46 | #include <asm/irqflags.h> | 47 | #include <asm/irqflags.h> |
47 | #include <asm/errno.h> | 48 | #include <asm/errno.h> |
@@ -453,7 +454,7 @@ sysenter_audit: | |||
453 | movl %ebx,%ecx /* 3rd arg: 1st syscall arg */ | 454 | movl %ebx,%ecx /* 3rd arg: 1st syscall arg */ |
454 | movl %eax,%edx /* 2nd arg: syscall number */ | 455 | movl %eax,%edx /* 2nd arg: syscall number */ |
455 | movl $AUDIT_ARCH_I386,%eax /* 1st arg: audit arch */ | 456 | movl $AUDIT_ARCH_I386,%eax /* 1st arg: audit arch */ |
456 | call audit_syscall_entry | 457 | call __audit_syscall_entry |
457 | pushl_cfi %ebx | 458 | pushl_cfi %ebx |
458 | movl PT_EAX(%esp),%eax /* reload syscall number */ | 459 | movl PT_EAX(%esp),%eax /* reload syscall number */ |
459 | jmp sysenter_do_call | 460 | jmp sysenter_do_call |
@@ -464,11 +465,10 @@ sysexit_audit: | |||
464 | TRACE_IRQS_ON | 465 | TRACE_IRQS_ON |
465 | ENABLE_INTERRUPTS(CLBR_ANY) | 466 | ENABLE_INTERRUPTS(CLBR_ANY) |
466 | movl %eax,%edx /* second arg, syscall return value */ | 467 | movl %eax,%edx /* second arg, syscall return value */ |
467 | cmpl $0,%eax /* is it < 0? */ | 468 | cmpl $-MAX_ERRNO,%eax /* is it an error ? */ |
468 | setl %al /* 1 if so, 0 if not */ | 469 | setbe %al /* 1 if so, 0 if not */ |
469 | movzbl %al,%eax /* zero-extend that */ | 470 | movzbl %al,%eax /* zero-extend that */ |
470 | inc %eax /* first arg, 0->1(AUDITSC_SUCCESS), 1->2(AUDITSC_FAILURE) */ | 471 | call __audit_syscall_exit |
471 | call audit_syscall_exit | ||
472 | DISABLE_INTERRUPTS(CLBR_ANY) | 472 | DISABLE_INTERRUPTS(CLBR_ANY) |
473 | TRACE_IRQS_OFF | 473 | TRACE_IRQS_OFF |
474 | movl TI_flags(%ebp), %ecx | 474 | movl TI_flags(%ebp), %ecx |
diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S index 940ba711fc28..3fe8239fd8fb 100644 --- a/arch/x86/kernel/entry_64.S +++ b/arch/x86/kernel/entry_64.S | |||
@@ -55,6 +55,7 @@ | |||
55 | #include <asm/paravirt.h> | 55 | #include <asm/paravirt.h> |
56 | #include <asm/ftrace.h> | 56 | #include <asm/ftrace.h> |
57 | #include <asm/percpu.h> | 57 | #include <asm/percpu.h> |
58 | #include <linux/err.h> | ||
58 | 59 | ||
59 | /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */ | 60 | /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */ |
60 | #include <linux/elf-em.h> | 61 | #include <linux/elf-em.h> |
@@ -548,7 +549,7 @@ badsys: | |||
548 | #ifdef CONFIG_AUDITSYSCALL | 549 | #ifdef CONFIG_AUDITSYSCALL |
549 | /* | 550 | /* |
550 | * Fast path for syscall audit without full syscall trace. | 551 | * Fast path for syscall audit without full syscall trace. |
551 | * We just call audit_syscall_entry() directly, and then | 552 | * We just call __audit_syscall_entry() directly, and then |
552 | * jump back to the normal fast path. | 553 | * jump back to the normal fast path. |
553 | */ | 554 | */ |
554 | auditsys: | 555 | auditsys: |
@@ -558,22 +559,21 @@ auditsys: | |||
558 | movq %rdi,%rdx /* 3rd arg: 1st syscall arg */ | 559 | movq %rdi,%rdx /* 3rd arg: 1st syscall arg */ |
559 | movq %rax,%rsi /* 2nd arg: syscall number */ | 560 | movq %rax,%rsi /* 2nd arg: syscall number */ |
560 | movl $AUDIT_ARCH_X86_64,%edi /* 1st arg: audit arch */ | 561 | movl $AUDIT_ARCH_X86_64,%edi /* 1st arg: audit arch */ |
561 | call audit_syscall_entry | 562 | call __audit_syscall_entry |
562 | LOAD_ARGS 0 /* reload call-clobbered registers */ | 563 | LOAD_ARGS 0 /* reload call-clobbered registers */ |
563 | jmp system_call_fastpath | 564 | jmp system_call_fastpath |
564 | 565 | ||
565 | /* | 566 | /* |
566 | * Return fast path for syscall audit. Call audit_syscall_exit() | 567 | * Return fast path for syscall audit. Call __audit_syscall_exit() |
567 | * directly and then jump back to the fast path with TIF_SYSCALL_AUDIT | 568 | * directly and then jump back to the fast path with TIF_SYSCALL_AUDIT |
568 | * masked off. | 569 | * masked off. |
569 | */ | 570 | */ |
570 | sysret_audit: | 571 | sysret_audit: |
571 | movq RAX-ARGOFFSET(%rsp),%rsi /* second arg, syscall return value */ | 572 | movq RAX-ARGOFFSET(%rsp),%rsi /* second arg, syscall return value */ |
572 | cmpq $0,%rsi /* is it < 0? */ | 573 | cmpq $-MAX_ERRNO,%rsi /* is it < -MAX_ERRNO? */ |
573 | setl %al /* 1 if so, 0 if not */ | 574 | setbe %al /* 1 if so, 0 if not */ |
574 | movzbl %al,%edi /* zero-extend that into %edi */ | 575 | movzbl %al,%edi /* zero-extend that into %edi */ |
575 | inc %edi /* first arg, 0->1(AUDITSC_SUCCESS), 1->2(AUDITSC_FAILURE) */ | 576 | call __audit_syscall_exit |
576 | call audit_syscall_exit | ||
577 | movl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),%edi | 577 | movl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),%edi |
578 | jmp sysret_check | 578 | jmp sysret_check |
579 | #endif /* CONFIG_AUDITSYSCALL */ | 579 | #endif /* CONFIG_AUDITSYSCALL */ |
diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c index 89a04c7b5bb6..50267386b766 100644 --- a/arch/x86/kernel/ptrace.c +++ b/arch/x86/kernel/ptrace.c | |||
@@ -1392,20 +1392,18 @@ long syscall_trace_enter(struct pt_regs *regs) | |||
1392 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 1392 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
1393 | trace_sys_enter(regs, regs->orig_ax); | 1393 | trace_sys_enter(regs, regs->orig_ax); |
1394 | 1394 | ||
1395 | if (unlikely(current->audit_context)) { | 1395 | if (IS_IA32) |
1396 | if (IS_IA32) | 1396 | audit_syscall_entry(AUDIT_ARCH_I386, |
1397 | audit_syscall_entry(AUDIT_ARCH_I386, | 1397 | regs->orig_ax, |
1398 | regs->orig_ax, | 1398 | regs->bx, regs->cx, |
1399 | regs->bx, regs->cx, | 1399 | regs->dx, regs->si); |
1400 | regs->dx, regs->si); | ||
1401 | #ifdef CONFIG_X86_64 | 1400 | #ifdef CONFIG_X86_64 |
1402 | else | 1401 | else |
1403 | audit_syscall_entry(AUDIT_ARCH_X86_64, | 1402 | audit_syscall_entry(AUDIT_ARCH_X86_64, |
1404 | regs->orig_ax, | 1403 | regs->orig_ax, |
1405 | regs->di, regs->si, | 1404 | regs->di, regs->si, |
1406 | regs->dx, regs->r10); | 1405 | regs->dx, regs->r10); |
1407 | #endif | 1406 | #endif |
1408 | } | ||
1409 | 1407 | ||
1410 | return ret ?: regs->orig_ax; | 1408 | return ret ?: regs->orig_ax; |
1411 | } | 1409 | } |
@@ -1414,8 +1412,7 @@ void syscall_trace_leave(struct pt_regs *regs) | |||
1414 | { | 1412 | { |
1415 | bool step; | 1413 | bool step; |
1416 | 1414 | ||
1417 | if (unlikely(current->audit_context)) | 1415 | audit_syscall_exit(regs); |
1418 | audit_syscall_exit(AUDITSC_RESULT(regs->ax), regs->ax); | ||
1419 | 1416 | ||
1420 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) | 1417 | if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) |
1421 | trace_sys_exit(regs, regs->ax); | 1418 | trace_sys_exit(regs, regs->ax); |
diff --git a/arch/x86/kernel/vm86_32.c b/arch/x86/kernel/vm86_32.c index 863f8753ab0a..af17e1c966dc 100644 --- a/arch/x86/kernel/vm86_32.c +++ b/arch/x86/kernel/vm86_32.c | |||
@@ -335,9 +335,9 @@ static void do_sys_vm86(struct kernel_vm86_struct *info, struct task_struct *tsk | |||
335 | if (info->flags & VM86_SCREEN_BITMAP) | 335 | if (info->flags & VM86_SCREEN_BITMAP) |
336 | mark_screen_rdonly(tsk->mm); | 336 | mark_screen_rdonly(tsk->mm); |
337 | 337 | ||
338 | /*call audit_syscall_exit since we do not exit via the normal paths */ | 338 | /*call __audit_syscall_exit since we do not exit via the normal paths */ |
339 | if (unlikely(current->audit_context)) | 339 | if (unlikely(current->audit_context)) |
340 | audit_syscall_exit(AUDITSC_RESULT(0), 0); | 340 | __audit_syscall_exit(1, 0); |
341 | 341 | ||
342 | __asm__ __volatile__( | 342 | __asm__ __volatile__( |
343 | "movl %0,%%esp\n\t" | 343 | "movl %0,%%esp\n\t" |
diff --git a/arch/x86/um/shared/sysdep/ptrace.h b/arch/x86/um/shared/sysdep/ptrace.h index 711b1621747f..5ef9344a8b24 100644 --- a/arch/x86/um/shared/sysdep/ptrace.h +++ b/arch/x86/um/shared/sysdep/ptrace.h | |||
@@ -3,3 +3,8 @@ | |||
3 | #else | 3 | #else |
4 | #include "ptrace_64.h" | 4 | #include "ptrace_64.h" |
5 | #endif | 5 | #endif |
6 | |||
7 | static inline long regs_return_value(struct uml_pt_regs *regs) | ||
8 | { | ||
9 | return UPT_SYSCALL_RET(regs); | ||
10 | } | ||
diff --git a/arch/xtensa/kernel/ptrace.c b/arch/xtensa/kernel/ptrace.c index a0d042aa2967..2dff698ab02e 100644 --- a/arch/xtensa/kernel/ptrace.c +++ b/arch/xtensa/kernel/ptrace.c | |||
@@ -334,8 +334,7 @@ void do_syscall_trace_enter(struct pt_regs *regs) | |||
334 | do_syscall_trace(); | 334 | do_syscall_trace(); |
335 | 335 | ||
336 | #if 0 | 336 | #if 0 |
337 | if (unlikely(current->audit_context)) | 337 | audit_syscall_entry(current, AUDIT_ARCH_XTENSA..); |
338 | audit_syscall_entry(current, AUDIT_ARCH_XTENSA..); | ||
339 | #endif | 338 | #endif |
340 | } | 339 | } |
341 | 340 | ||