tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

tile: enable full SECCOMP support

Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>

Chris Metcalf a0ddef81 38715df2

+57 -5
+1 -1
Documentation/features/seccomp/seccomp-filter/arch-support.txt
··· 32 32 | score: | TODO | 33 33 | sh: | TODO | 34 34 | sparc: | TODO | 35 - | tile: | TODO | 35 + | tile: | ok | 36 36 | um: | TODO | 37 37 | unicore32: | TODO | 38 38 | x86: | ok |
+17
arch/tile/Kconfig
··· 32 32 select EDAC_SUPPORT 33 33 select GENERIC_STRNCPY_FROM_USER 34 34 select GENERIC_STRNLEN_USER 35 + select HAVE_ARCH_SECCOMP_FILTER 35 36 36 37 # FIXME: investigate whether we need/want these options. 37 38 # select HAVE_IOREMAP_PROT ··· 221 220 ---help--- 222 221 If enabled, the kernel will support running TILE-Gx binaries 223 222 that were built with the -m32 option. 223 + 224 + config SECCOMP 225 + bool "Enable seccomp to safely compute untrusted bytecode" 226 + depends on PROC_FS 227 + help 228 + This kernel feature is useful for number crunching applications 229 + that may need to compute untrusted bytecode during their 230 + execution. By using pipes or other transports made available to 231 + the process as file descriptors supporting the read/write 232 + syscalls, it's possible to isolate those applications in 233 + their own address space using seccomp. Once seccomp is 234 + enabled via prctl, it cannot be disabled and the task is only 235 + allowed to execute a few safe syscalls defined by each seccomp 236 + mode. 237 + 238 + If unsure, say N. 224 239 225 240 config SYSVIPC_COMPAT 226 241 def_bool y
+1
arch/tile/include/asm/Kbuild
··· 28 28 generic-y += posix_types.h 29 29 generic-y += preempt.h 30 30 generic-y += resource.h 31 + generic-y += seccomp.h 31 32 generic-y += sembuf.h 32 33 generic-y += serial.h 33 34 generic-y += shmbuf.h
+1 -3
arch/tile/include/asm/elf.h
··· 22 22 #include <arch/chip.h> 23 23 24 24 #include <linux/ptrace.h> 25 + #include <linux/elf-em.h> 25 26 #include <asm/byteorder.h> 26 27 #include <asm/page.h> 27 28 ··· 30 29 31 30 #define ELF_NGREG (sizeof(struct pt_regs) / sizeof(elf_greg_t)) 32 31 typedef elf_greg_t elf_gregset_t[ELF_NGREG]; 33 - 34 - #define EM_TILEPRO 188 35 - #define EM_TILEGX 191 36 32 37 33 /* Provide a nominal data structure. */ 38 34 #define ELF_NFPREG 0
+27 -1
arch/tile/include/asm/syscall.h
··· 20 20 21 21 #include <linux/sched.h> 22 22 #include <linux/err.h> 23 + #include <linux/audit.h> 24 + #include <linux/compat.h> 23 25 #include <arch/abi.h> 24 26 25 27 /* The array of function pointers for syscalls. */ ··· 63 61 struct pt_regs *regs, 64 62 int error, long val) 65 63 { 66 - regs->regs[0] = (long) error ?: val; 64 + if (error) { 65 + /* R0 is the passed-in negative error, R1 is positive. */ 66 + regs->regs[0] = error; 67 + regs->regs[1] = -error; 68 + } else { 69 + /* R1 set to zero to indicate no error. */ 70 + regs->regs[0] = val; 71 + regs->regs[1] = 0; 72 + } 67 73 } 68 74 69 75 static inline void syscall_get_arguments(struct task_struct *task, ··· 90 80 { 91 81 BUG_ON(i + n > 6); 92 82 memcpy(&regs[i], args, n * sizeof(args[0])); 83 + } 84 + 85 + /* 86 + * We don't care about endianness (__AUDIT_ARCH_LE bit) here because 87 + * tile has the same system calls both on little- and big- endian. 88 + */ 89 + static inline int syscall_get_arch(void) 90 + { 91 + if (is_compat_task()) 92 + return AUDIT_ARCH_TILEGX32; 93 + 94 + #ifdef CONFIG_TILEGX 95 + return AUDIT_ARCH_TILEGX; 96 + #else 97 + return AUDIT_ARCH_TILEPRO; 98 + #endif 93 99 } 94 100 95 101 #endif /* _ASM_TILE_SYSCALL_H */
+1
arch/tile/kernel/intvec_32.S
··· 1224 1224 jal do_syscall_trace_enter 1225 1225 } 1226 1226 FEEDBACK_REENTER(handle_syscall) 1227 + blz r0, .Lsyscall_sigreturn_skip 1227 1228 1228 1229 /* 1229 1230 * We always reload our registers from the stack at this
+1
arch/tile/kernel/intvec_64.S
··· 1247 1247 jal do_syscall_trace_enter 1248 1248 } 1249 1249 FEEDBACK_REENTER(handle_syscall) 1250 + bltz r0, .Lsyscall_sigreturn_skip 1250 1251 1251 1252 /* 1252 1253 * We always reload our registers from the stack at this
+3
arch/tile/kernel/ptrace.c
··· 262 262 if (work & _TIF_NOHZ) 263 263 user_exit(); 264 264 265 + if (secure_computing() == -1) 266 + return -1; 267 + 265 268 if (work & _TIF_SYSCALL_TRACE) { 266 269 if (tracehook_report_syscall_entry(regs)) 267 270 regs->regs[TREG_SYSCALL_NR] = -1;
+3
include/uapi/linux/audit.h
··· 382 382 #define AUDIT_ARCH_SHEL64 (EM_SH|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) 383 383 #define AUDIT_ARCH_SPARC (EM_SPARC) 384 384 #define AUDIT_ARCH_SPARC64 (EM_SPARCV9|__AUDIT_ARCH_64BIT) 385 + #define AUDIT_ARCH_TILEGX (EM_TILEGX|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) 386 + #define AUDIT_ARCH_TILEGX32 (EM_TILEGX|__AUDIT_ARCH_LE) 387 + #define AUDIT_ARCH_TILEPRO (EM_TILEPRO|__AUDIT_ARCH_LE) 385 388 #define AUDIT_ARCH_X86_64 (EM_X86_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) 386 389 387 390 #define AUDIT_PERM_EXEC 1
+2
include/uapi/linux/elf-em.h
··· 38 38 #define EM_ALTERA_NIOS2 113 /* Altera Nios II soft-core processor */ 39 39 #define EM_TI_C6000 140 /* TI C6X DSPs */ 40 40 #define EM_AARCH64 183 /* ARM 64 bit */ 41 + #define EM_TILEPRO 188 /* Tilera TILEPro */ 42 + #define EM_TILEGX 191 /* Tilera TILE-Gx */ 41 43 #define EM_FRV 0x5441 /* Fujitsu FR-V */ 42 44 #define EM_AVR32 0x18ad /* Atmel AVR32 */ 43 45