From: Benjamin Berg <benjamin.b...@intel.com> Hi all,
another version of the SECCOMP patchset. I think that this should now be good enough for general consumption. Compared to the last RFC version there is an important bugfix that caused a SIGSEGV loop and various other small bugfixes and cleanups. The patchset adds a new userspace handling mode to UML that is based on a SECCOMP filter and trusted code within each userspace process. The motivation the new SECCOMP mode is that it saves context switches when handling pagefaults and for syscalls like mmap. The approach may also permit SMP support in the future and might make it easier to port UML to further host architectures. Benjamin v1: - Remove explicit (and insufficient) kconfig.h includes - Change commit order to move configuration to the end - Fix futex wait race condition - Also handle child dying during stub startup RFCv2: - Fix FP handling on i386 - Improved MM list for userspace sigchild handling - Remove kconfig.h includes - Minor cleanups Benjamin Berg (9): um: Store full CSGSFS and SS register from mcontext um: Move faultinfo extraction into userspace routine um: Add stub side of SECCOMP/futex based process handling um: Add helper functions to get/set state for SECCOMP um: Add SECCOMP support detection and initialization um: Track userspace children dying in SECCOMP mode um: Implement kernel side of SECCOMP based process handling um: pass FD for memory operations when needed um: Add UML_SECCOMP configuration option arch/um/Kconfig | 19 + arch/um/include/asm/irq.h | 5 +- arch/um/include/asm/mmu.h | 3 + arch/um/include/shared/common-offsets.h | 4 + arch/um/include/shared/irq_user.h | 1 + arch/um/include/shared/os.h | 3 +- arch/um/include/shared/skas/mm_id.h | 13 + arch/um/include/shared/skas/skas.h | 5 + arch/um/include/shared/skas/stub-data.h | 20 +- arch/um/kernel/irq.c | 6 + arch/um/kernel/skas/mmu.c | 89 +++- arch/um/kernel/skas/stub.c | 134 +++++- arch/um/kernel/skas/stub_exe.c | 159 ++++++- arch/um/os-Linux/internal.h | 5 +- arch/um/os-Linux/process.c | 31 ++ arch/um/os-Linux/registers.c | 4 +- arch/um/os-Linux/signal.c | 19 +- arch/um/os-Linux/skas/mem.c | 103 ++++- arch/um/os-Linux/skas/process.c | 485 +++++++++++++++------ arch/um/os-Linux/start_up.c | 150 ++++++- arch/x86/um/os-Linux/mcontext.c | 223 +++++++++- arch/x86/um/ptrace.c | 76 +++- arch/x86/um/shared/sysdep/kernel-offsets.h | 2 + arch/x86/um/shared/sysdep/mcontext.h | 9 + arch/x86/um/shared/sysdep/stub-data.h | 23 + arch/x86/um/shared/sysdep/stub.h | 2 + arch/x86/um/shared/sysdep/stub_32.h | 13 + arch/x86/um/shared/sysdep/stub_64.h | 17 + arch/x86/um/tls_32.c | 23 +- 29 files changed, 1439 insertions(+), 207 deletions(-) create mode 100644 arch/x86/um/shared/sysdep/stub-data.h -- 2.48.1
