
Merge tag 'xtensa-20200805' of git://github.com/jcmvbkbc/linux-xtensa

Pull Xtensa updates from Max Filippov:

- add syscall audit support

- add seccomp filter support

- clean up make rules under arch/xtensa/boot

- fix state management for exclusive access opcodes

- fix build with PMU enabled

* tag 'xtensa-20200805' of git://github.com/jcmvbkbc/linux-xtensa:
xtensa: add missing exclusive access state management
xtensa: fix xtensa_pmu_setup prototype
xtensa: add boot subdirectories build artifacts to 'targets'
xtensa: add uImage and xipImage to targets
xtensa: move vmlinux.bin[.gz] to boot subdirectory
xtensa: initialize_mmu.h: fix a duplicated word
selftests/seccomp: add xtensa support
xtensa: add seccomp support
xtensa: expose syscall through user_pt_regs
xtensa: add audit support

+87 -16
+1 -1
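--- a/Documentation/features/seccomp/seccomp-filter/arch-support.txt
+++ b/Documentation/features/seccomp/seccomp-filter/arch-support.txt
@@ -29,5 +29,5 @@
 | sparc: | TODO |
 | um: | ok |
 | x86: | ok |
-| xtensa: | TODO |
+| xtensa: | ok |
 -----------------------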
+16
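--- a/arch/xtensa/Kconfig
+++ b/arch/xtensa/Kconfig
@@ -21,8 +21,10 @@
 select GENERIC_PCI_IOMAP
 select GENERIC_SCHED_CLOCK
 select GENERIC_STRNCPY_FROM_USER if KASAN
+select HAVE_ARCH_AUDITSYSCALL
 select HAVE_ARCH_JUMP_LABEL if !XIP_KERNEL
 select HAVE_ARCH_KASAN if MMU && !XIP_KERNEL
+select HAVE_ARCH_SECCOMP_FILTER
 select HAVE_ARCH_TRACEHOOK
 select HAVE_DEBUG_KMEMLEAK
 select HAVE_DMA_CONTIGUOUS
@@ -216,6 +214,20 @@
 controlled through /sys/devices/system/cpu.
 
 Say N if you want to disable CPU hotplug.
+
+config SECCOMP
+bool
+prompt "Enable seccomp to safely compute untrusted bytecode"
+help
+This kernel feature is useful for number crunching applications
+that may need to compute untrusted bytecode during their
+execution. By using pipes or other transports made available to
+the process as file descriptors supporting the read/write
+syscalls, it's possible to isolate those applications in
+their own address space using seccomp. Once seccomp is
+enabled via prctl(PR_SET_SECCOMP), it cannot be disabled
+and the task is only allowed to execute a few safe syscalls
+defined by each seccomp mode.
 
 config FAST_SYSCALL_XTENSA
 bool "Enable fast atomic syscalls"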
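Review bot: `config SECCOMP` in the second hunk is declared with `bool` and a `prompt` but no `default`, so the filter support that `HAVE_ARCH_SECCOMP_FILTER` in the first hunk advertises stays off unless a defconfig enables it; if the intent is to match x86, which declares the same block `def_bool y`, a `default y` line belongs under `bool`. The help text is the generic wording shared with other architectures and says nothing about where the xtensa hooks live; a one-line `# syscall entry/exit hooks: arch/xtensa/kernel/ptrace.c` above the block would point the reader at the code this option switches on. The `config XTENSA` block containing the first hunk starts outside it.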
+7 -5
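--- a/arch/xtensa/boot/Makefile
+++ b/arch/xtensa/boot/Makefile
@@ -17,6 +17,8 @@
 export BIG_ENDIAN
 
 subdir-y := lib
+targets += vmlinux.bin vmlinux.bin.gz
+targets += uImage xipImage
 
 # Subdirs for the boot loader(s)
 
@@ -37,19 +35,19 @@
 
 OBJCOPYFLAGS = --strip-all -R .comment -R .notes -O binary
 
-vmlinux.bin: vmlinux FORCE
+$(obj)/vmlinux.bin: vmlinux FORCE
 $(call if_changed,objcopy)
 
-vmlinux.bin.gz: vmlinux.bin FORCE
+$(obj)/vmlinux.bin.gz: $(obj)/vmlinux.bin FORCE
 $(call if_changed,gzip)
 
-boot-elf: vmlinux.bin
-boot-redboot: vmlinux.bin.gz
+boot-elf: $(obj)/vmlinux.bin
+boot-redboot: $(obj)/vmlinux.bin.gz
 
 UIMAGE_LOADADDR = $(CONFIG_KERNEL_LOAD_ADDRESS)
 UIMAGE_COMPRESSION = gzip
 
-$(obj)/uImage: vmlinux.bin.gz FORCE
+$(obj)/uImage: $(obj)/vmlinux.bin.gz FORCE
 $(call if_changed,uimage)
 $(Q)$(kecho) ' Kernel: $@ is ready'
 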
+3 -2
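--- a/arch/xtensa/boot/boot-elf/Makefile
+++ b/arch/xtensa/boot/boot-elf/Makefile
@@ -15,12 +15,13 @@
 export KBUILD_AFLAGS += -mtext-section-literals
 
 boot-y := bootstrap.o
+targets += $(boot-y) boot.lds
 
 OBJS := $(addprefix $(obj)/,$(boot-y))
 
-$(obj)/Image.o: vmlinux.bin $(OBJS)
+$(obj)/Image.o: $(obj)/../vmlinux.bin $(OBJS)
 $(Q)$(OBJCOPY) $(OBJCOPY_ARGS) -R .comment \
---add-section image=vmlinux.bin \
+--add-section image=$< \
 --set-section-flags image=contents,alloc,load,load,data \
 $(OBJS) $@
 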
+3 -2
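--- a/arch/xtensa/boot/boot-redboot/Makefile
+++ b/arch/xtensa/boot/boot-redboot/Makefile
@@ -13,15 +13,16 @@
 LD_ARGS = -T $(srctree)/$(obj)/boot.ld
 
 boot-y := bootstrap.o
+targets += $(boot-y)
 
 OBJS := $(addprefix $(obj)/,$(boot-y))
 LIBS := arch/xtensa/boot/lib/lib.a arch/xtensa/lib/lib.a
 
 LIBGCC := $(shell $(CC) $(KBUILD_CFLAGS) -print-libgcc-file-name)
 
-$(obj)/zImage.o: vmlinux.bin.gz $(OBJS)
+$(obj)/zImage.o: $(obj)/../vmlinux.bin.gz $(OBJS)
 $(Q)$(OBJCOPY) $(OBJCOPY_ARGS) -R .comment \
---add-section image=vmlinux.bin.gz \
+--add-section image=$< \
 --set-section-flags image=contents,alloc,load,load,data \
 $(OBJS) $@
 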
+1
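--- a/arch/xtensa/include/asm/Kbuild
+++ b/arch/xtensa/include/asm/Kbuild
@@ -7,4 +7,5 @@
 generic-y += param.h
 generic-y += qrwlock.h
 generic-y += qspinlock.h
+generic-y += seccomp.h
 generic-y += user.h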
+1 -1
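--- a/arch/xtensa/include/asm/initialize_mmu.h
+++ b/arch/xtensa/include/asm/initialize_mmu.h
@@ -6,7 +6,7 @@
 * For the new V3 MMU we remap the TLB from virtual == physical
 * to the standard Linux mapping used in earlier MMU's.
 *
-* The the MMU we also support a new configuration register that
+* For the MMU we also support a new configuration register that
 * specifies how the S32C1I instruction operates with the cache
 * controller.
 *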
+10 -1
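--- a/arch/xtensa/include/asm/thread_info.h
+++ b/arch/xtensa/include/asm/thread_info.h
@@ -55,6 +55,10 @@
 mm_segment_t addr_limit; /* thread address space */
 
 unsigned long cpenable;
+#if XCHAL_HAVE_EXCLUSIVE
+/* result of the most recent exclusive store */
+unsigned long atomctl8;
+#endif
 
 /* Allocate storage for extra user states and coprocessor states. */
 #if XTENSA_HAVE_COPROCESSORS
@@ -115,15 +111,20 @@
 #define TIF_RESTORE_SIGMASK 6 /* restore signal mask in do_signal() */
 #define TIF_NOTIFY_RESUME 7 /* callback before returning to user */
 #define TIF_DB_DISABLED 8 /* debug trap disabled for syscall */
+#define TIF_SYSCALL_AUDIT 9 /* syscall auditing active */
+#define TIF_SECCOMP 10 /* secure computing */
 
 #define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE)
 #define _TIF_SIGPENDING (1<<TIF_SIGPENDING)
 #define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED)
 #define _TIF_SINGLESTEP (1<<TIF_SINGLESTEP)
 #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT)
+#define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT)
+#define _TIF_SECCOMP (1<<TIF_SECCOMP)
 
 #define _TIF_WORK_MASK (_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP | \
-_TIF_SYSCALL_TRACEPOINT)
+_TIF_SYSCALL_TRACEPOINT | \
+_TIF_SYSCALL_AUDIT | _TIF_SECCOMP)
 
 #define THREAD_SIZE KERNEL_STACK_SIZE
 #define THREAD_SIZE_ORDER (KERNEL_STACK_SHIFT - PAGE_SHIFT)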
+2 -1
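--- a/arch/xtensa/include/uapi/asm/ptrace.h
+++ b/arch/xtensa/include/uapi/asm/ptrace.h
@@ -50,7 +50,8 @@
 __u32 windowstart;
 __u32 windowbase;
 __u32 threadptr;
-__u32 reserved[7 + 48];
+__u32 syscall;
+__u32 reserved[6 + 48];
 __u32 a[64];
 };
 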
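Review bot: The new `__u32 syscall` takes the word that was `reserved[0]`, so the size of `user_pt_regs` and the offset of `a[]` are unchanged, but the header does not say so; `/* was reserved[0]; struct size and a[] offset are unchanged */` beside the field would record the constraint for the next person who needs a slot. Because this is UAPI, a tracer built against the previous layout will write this word back as part of a zeroed `reserved[]`, which is presumably why the kernel-side regset setter on this page only applies a non-zero value — that contract belongs here too. The struct's opening lines are outside the hunk.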
+3
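--- a/arch/xtensa/kernel/asm-offsets.c
+++ b/arch/xtensa/kernel/asm-offsets.c
@@ -93,6 +93,9 @@
 DEFINE(THREAD_RA, offsetof (struct task_struct, thread.ra));
 DEFINE(THREAD_SP, offsetof (struct task_struct, thread.sp));
 DEFINE(THREAD_CPENABLE, offsetof (struct thread_info, cpenable));
+#if XCHAL_HAVE_EXCLUSIVE
+DEFINE(THREAD_ATOMCTL8, offsetof (struct thread_info, atomctl8));
+#endif
 #if XTENSA_HAVE_COPROCESSORS
 DEFINE(THREAD_XTREGS_CP0, offsetof(struct thread_info, xtregs_cp.cp0));
 DEFINE(THREAD_XTREGS_CP1, offsetof(struct thread_info, xtregs_cp.cp1));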
+11
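--- a/arch/xtensa/kernel/entry.S
+++ b/arch/xtensa/kernel/entry.S
@@ -374,6 +374,11 @@
 s32i a2, a1, PT_LCOUNT
 #endif
 
+#if XCHAL_HAVE_EXCLUSIVE
+/* Clear exclusive access monitor set by interrupted code */
+clrex
+#endif
+
 /* It is now save to restore the EXC_TABLE_FIXUP variable. */
 
 rsr a2, exccause
@@ -2023,6 +2018,12 @@
 l32i a3, a5, THREAD_CPENABLE
 xsr a3, cpenable
 s32i a3, a4, THREAD_CPENABLE
+#endif
+
+#if XCHAL_HAVE_EXCLUSIVE
+l32i a3, a5, THREAD_ATOMCTL8
+getex a3
+s32i a3, a4, THREAD_ATOMCTL8
 #endif
 
 /* Flush register file. */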
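Review bot: The `getex a3` in the second hunk carries no comment, yet it is the one instruction a reader cannot decode from context: the load/getex/store triple mirrors the `xsr a3, cpenable` exchange directly above it, so it appears to swap next's saved exclusive-store result into the live ATOMCTL bit and park prev's copy in its thread_info. Without that per-task save/restore the result of one task's exclusive store could be observed by the next task, which is the reason this state was added to thread_info; a comment such as `/* exchange ATOMCTL[8]: restore next's exclusive-store result, save prev's */` would make the invariant explicit. If getex is not an exchange the sequence would discard prev's result, so the wording should be confirmed against the ISA reference before it goes in. The routine containing this hunk begins and ends outside it.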
+1 -1
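--- a/arch/xtensa/kernel/perf_event.c
+++ b/arch/xtensa/kernel/perf_event.c
@@ -399,7 +399,7 @@
 .read = xtensa_pmu_read,
 };
 
-static int xtensa_pmu_setup(int cpu)
+static int xtensa_pmu_setup(unsigned int cpu)
 {
 unsigned i;
 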
+13 -1
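--- a/arch/xtensa/kernel/ptrace.c
+++ b/arch/xtensa/kernel/ptrace.c
@@ -12,6 +12,7 @@
 * Marc Gauthier<marc@tensilica.com> <marc@alumni.uwaterloo.ca>
 */
 
+#include <linux/audit.h>
 #include <linux/errno.h>
 #include <linux/hw_breakpoint.h>
 #include <linux/kernel.h>
@@ -22,6 +21,7 @@
 #include <linux/regset.h>
 #include <linux/sched.h>
 #include <linux/sched/task_stack.h>
+#include <linux/seccomp.h>
 #include <linux/security.h>
 #include <linux/signal.h>
 #include <linux/smp.h>
@@ -53,6 +51,7 @@
 .threadptr = regs->threadptr,
 .windowbase = regs->windowbase,
 .windowstart = regs->windowstart,
+.syscall = regs->syscall,
 };
 
 memcpy(newregs.a,
@@ -92,6 +89,9 @@
 regs->lcount = newregs.lcount;
 regs->sar = newregs.sar;
 regs->threadptr = newregs.threadptr;
+
+if (newregs.syscall)
+regs->syscall = newregs.syscall;
 
 if (newregs.windowbase != regs->windowbase ||
 newregs.windowstart != regs->windowstart) {
@@ -560,7 +554,8 @@
 return 0;
 }
 
-if (regs->syscall == NO_SYSCALL) {
+if (regs->syscall == NO_SYSCALL ||
+secure_computing() == -1) {
 do_syscall_trace_leave(regs);
 return 0;
 }
@@ -569,12 +562,17 @@
 if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
 trace_sys_enter(regs, syscall_get_nr(current, regs));
 
+audit_syscall_entry(regs->syscall, regs->areg[6],
+regs->areg[3], regs->areg[4],
+regs->areg[5]);
 return 1;
 }
 
 void do_syscall_trace_leave(struct pt_regs *regs)
 {
 int step;
+
+audit_syscall_exit(regs);
 
 if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
 trace_sys_exit(regs, regs_return_value(regs));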
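Review bot: `if (newregs.syscall)` in the fourth hunk silently treats 0 as "leave regs->syscall alone" and nothing says why; the likely reason is that tracers built against the previous `user_pt_regs` layout hand this word back as part of a zeroed `reserved[]`, so a comment such as `/* 0 = unchanged: tracers built against the old layout pass this slot as reserved[] */` is needed, and it is worth confirming that 0 is not a syscall number a tracer would legitimately want to set through this regset. In the sixth hunk the audit arguments are spelled as bare `areg[6], areg[3], areg[4], areg[5]` while the tracepoint line beside them goes through `syscall_get_nr()`; a comment naming the xtensa argument registers, or routing them through `syscall_get_arguments()`, would keep the two consistent and make the ordering checkable. The `secure_computing()` call in the fifth hunk sits after the `NO_SYSCALL` test, which appears to place it after the tracer report earlier in the function (outside the hunk) — the order that keeps a tracer from rewriting the number past the filter — and that deliberate ordering deserves a one-line comment. Both `do_syscall_trace_enter` and the regset setter start outside their hunks.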
+15 -1
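--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -129,6 +129,8 @@
 # define __NR_seccomp 358
 # elif defined(__s390__)
 # define __NR_seccomp 348
+# elif defined(__xtensa__)
+# define __NR_seccomp 337
 # else
 # warning "seccomp syscall number unknown for this architecture"
 # define __NR_seccomp 0xffff
@@ -1701,6 +1699,14 @@
 # define SYSCALL_SYSCALL_NUM regs[4]
 # define SYSCALL_RET regs[2]
 # define SYSCALL_NUM_RET_SHARE_REG
+#elif defined(__xtensa__)
+# define ARCH_REGS struct user_pt_regs
+# define SYSCALL_NUM syscall
+/*
+* On xtensa syscall return value is in the register
+* a2 of the current window which is not fixed.
+*/
+#define SYSCALL_RET(reg) a[(reg).windowbase * 4 + 2]
 #else
 # error "Do not know how to find your architecture's registers and syscalls"
 #endif
@@ -1780,7 +1770,8 @@
 EXPECT_EQ(0, ret) {}
 
 #if defined(__x86_64__) || defined(__i386__) || defined(__powerpc__) || \
-defined(__s390__) || defined(__hppa__) || defined(__riscv)
+defined(__s390__) || defined(__hppa__) || defined(__riscv) || \
+defined(__xtensa__)
 {
 regs.SYSCALL_NUM = syscall;
 }
@@ -1824,6 +1813,9 @@
 if (syscall == -1)
 #ifdef SYSCALL_NUM_RET_SHARE_REG
 TH_LOG("Can't modify syscall return on this architecture");
+
+#elif defined(__xtensa__)
+regs.SYSCALL_RET(regs) = result;
 #else
 regs.SYSCALL_RET = result;
 #endif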
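Review bot: `#define SYSCALL_RET(reg)` in the second hunk drops the `# define` spacing every sibling branch of this `#if` ladder uses, including the two lines right above it; `# define SYSCALL_RET(reg) a[(reg).windowbase * 4 + 2]` keeps the ladder uniform. The fourth hunk adds an empty line between `TH_LOG(...)` and `#elif defined(__xtensa__)`, splitting a preprocessor chain that is otherwise written without blanks. Because xtensa is the only arch whose SYSCALL_RET is function-like, the `#elif defined(__xtensa__)` case in the fourth hunk is the sole trace of that difference at the use site; a short comment there, `/* xtensa's SYSCALL_RET needs the regs it indexes into */`, would say why the special case exists. The test bodies containing the third and fourth hunks start outside them.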