mirror of
https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux
synced 2025-10-12 05:38:46 +10:00
6baaade155
Add secure_computing() call to syscall_trace_enter to actually filter system calls. Add necessary arch Kconfig options, define TIF_SECCOMP trace flag and provide basic seccomp filter support in asm/syscall.h syscall_get_nr currently uses the syscall nr stored in orig_d0 because we change d0 to a default return code before starting a syscall trace. This may be inconsistent with syscall_rollback copying orig_d0 to d0 (which we never check upon return from trace). We use d0 for the return code from syscall_trace_enter in entry.S currently, and could perhaps expand that to store a new syscall number returned by the seccomp filter before executing the syscall. This clearly needs some discussion. seccomp_bpf self test on ARAnyM passes 81 out of 94 tests. Signed-off-by: Michael Schmitz <schmitzmic@gmail.com> Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org> Link: https://lore.kernel.org/r/20230112035529.13521-3-schmitzmic@gmail.com Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org> |
||
|---|---|---|
| .. | ||
| syscalls | ||
| .gitignore | ||
| asm-offsets.c | ||
| bootinfo_proc.c | ||
| dma.c | ||
| early_printk.c | ||
| entry.S | ||
| head.S | ||
| ints.c | ||
| irq.c | ||
| machine_kexec.c | ||
| Makefile | ||
| module.c | ||
| pcibios.c | ||
| process.c | ||
| ptrace.c | ||
| relocate_kernel.S | ||
| setup_mm.c | ||
| setup_no.c | ||
| setup.c | ||
| signal.c | ||
| sun3-head.S | ||
| sys_m68k.c | ||
| syscalltable.S | ||
| time.c | ||
| traps.c | ||
| uboot.c | ||
| vectors.c | ||
| vmlinux-nommu.lds | ||
| vmlinux-std.lds | ||
| vmlinux-sun3.lds | ||
| vmlinux.lds.S | ||