From: Benjamin Berg <benjamin.b...@intel.com>

Hi all,

this is an updated version of the SECCOMP patchset. The patchset adds a
new userspace handling mode to UML that is based on a SECCOMP filter and
trusted code within each userspace process.

One advantage of this approach is that it saves quite a few context
switches when handling pagefaults (and syscalls to some extent). The
reason is that the ptrace code needs a separate context switch to
execute syscalls in the stub as well as another one to grab the segfault
information.

This new version of the patchset changes the security model to use FD
passing for the memory to ensure only the stub code can use the
permitted syscalls. Note that the current SECCOMP filter is not yet
sufficient to prevent userspace from tricking the kernel (and stub) to
map any physical memory.

Also new is working i386 support.

Benjamin

Benjamin Berg (9):
  um: Store full CSGSFS and SS register from mcontext
  um: Move faultinfo extraction into userspace routine
  um: Add UML_SECCOMP configuration option
  um: Add stub side of SECCOMP/futex based process handling
  um: Add helper functions to get/set state for SECCOMP
  um: Add SECCOMP support detection and initialization
  um: Track userspace children dying in SECCOMP mode
  um: Implement kernel side of SECCOMP based process handling
  um: pass FD for memory operations when needed

 arch/um/Kconfig                            |  20 +
 arch/um/include/asm/irq.h                  |   5 +-
 arch/um/include/shared/common-offsets.h    |   3 +
 arch/um/include/shared/irq_user.h          |   1 +
 arch/um/include/shared/os.h                |   3 +-
 arch/um/include/shared/skas/mm_id.h        |  16 +
 arch/um/include/shared/skas/skas.h         |   6 +
 arch/um/include/shared/skas/stub-data.h    |  21 +-
 arch/um/kernel/irq.c                       |   5 +
 arch/um/kernel/skas/mmu.c                  |  98 +++-
 arch/um/kernel/skas/stub.c                 | 131 +++++-
 arch/um/kernel/skas/stub_exe.c             | 162 ++++++-
 arch/um/kernel/tlb.c                       |  21 +-
 arch/um/os-Linux/internal.h                |   4 +
 arch/um/os-Linux/process.c                 |  31 ++
 arch/um/os-Linux/registers.c               |   4 +-
 arch/um/os-Linux/signal.c                  |  19 +-
 arch/um/os-Linux/skas/mem.c                | 104 ++++-
 arch/um/os-Linux/skas/process.c            | 501 +++++++++++++++------
 arch/um/os-Linux/start_up.c                | 150 +++++-
 arch/x86/um/os-Linux/mcontext.c            | 203 ++++++++-
 arch/x86/um/shared/sysdep/kernel-offsets.h |   2 +
 arch/x86/um/shared/sysdep/mcontext.h       |   9 +
 arch/x86/um/shared/sysdep/stub-data.h      |  18 +
 arch/x86/um/shared/sysdep/stub.h           |   2 +
 arch/x86/um/shared/sysdep/stub_32.h        |  13 +
 arch/x86/um/shared/sysdep/stub_64.h        |  14 +
 arch/x86/um/tls_32.c                       |  23 +-
 28 files changed, 1388 insertions(+), 201 deletions(-)
 create mode 100644 arch/x86/um/shared/sysdep/stub-data.h

-- 
2.46.1