On Wed, Jul 29, 2015 at 10:56 PM, Michael Ellerman <m...@ellerman.id.au> wrote: > This commit enables seccomp filter on powerpc, now that we have all the > necessary pieces in place. > > To support seccomp's desire to modify the syscall return value under > some circumstances, we use a different ABI to the ptrace ABI. That is we > use r3 as the syscall return value, and orig_gpr3 is the first syscall > parameter. > > This means the seccomp code, or a ptracer via SECCOMP_RET_TRACE, will > see -ENOSYS preloaded in r3. This is identical to the behaviour on x86, > and allows seccomp or the ptracer to either leave the -ENOSYS or change > it to something else, as well as rejecting or not the syscall by > modifying r0. > > If seccomp does not reject the syscall, we restore the register state to > match what ptrace and audit expect, ie. r3 is the first syscall > parameter again. We do this restore using orig_gpr3, which may have been > modified by seccomp, which allows seccomp to modify the first syscall > paramater and allow the syscall to proceed. > > We need to #ifdef the the additional handling of r3 for seccomp, so move > it all out of line. > > Signed-off-by: Michael Ellerman <m...@ellerman.id.au> > Reviewed-by: Kees Cook <keesc...@chromium.org> > --- > arch/powerpc/Kconfig | 1 + > arch/powerpc/kernel/ptrace.c | 41 ++++++++++++++++++++++++++++++++++++++++- > 2 files changed, 41 insertions(+), 1 deletion(-) > > > v2: The previous version didn't compile for CONFIG_SECCOMP=n. To fix it up I > moved the logic out of line and #ifdef'ed that. It gets inlined by the > compiler > so the end result is the same. > > Kees I kept your Reviewed-by on the basis that the interesting logic is > the > same, hope that's OK by you.
Totally fine. Thanks! -Kees -- Kees Cook Chrome OS Security _______________________________________________ Linuxppc-dev mailing list Linuxppc-dev@lists.ozlabs.org https://lists.ozlabs.org/listinfo/linuxppc-dev
