| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Apr 2012 14:24:00 -0500 From: Will Drewry <wad@...omium.org> To: Andrew Morton <akpm@...ux-foundation.org> Cc: linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, linux-arch@...r.kernel.org, linux-doc@...r.kernel.org, kernel-hardening@...ts.openwall.com, netdev@...r.kernel.org, x86@...nel.org, arnd@...db.de, davem@...emloft.net, hpa@...or.com, mingo@...hat.com, oleg@...hat.com, peterz@...radead.org, rdunlap@...otime.net, mcgrathr@...omium.org, tglx@...utronix.de, luto@....edu, eparis@...hat.com, serge.hallyn@...onical.com, djm@...drot.org, scarybeasts@...il.com, indan@....nu, pmoore@...hat.com, corbet@....net, eric.dumazet@...il.com, markus@...omium.org, coreyb@...ux.vnet.ibm.com, keescook@...omium.org, jmorris@...ei.org Subject: Re: [PATCH v17 07/15] asm/syscall.h: add syscall_get_arch On Fri, Apr 6, 2012 at 3:05 PM, Andrew Morton <akpm@...ux-foundation.org> wrote: > On Thu, 29 Mar 2012 15:01:52 -0500 > Will Drewry <wad@...omium.org> wrote: > >> Adds a stub for a function that will return the AUDIT_ARCH_* >> value appropriate to the supplied task based on the system >> call convention. >> >> For audit's use, the value can generally be hard-coded at the >> audit-site. However, for other functionality not inlined into >> syscall entry/exit, this makes that information available. >> seccomp_filter is the first planned consumer and, as such, >> the comment indicates a tie to HAVE_ARCH_SECCOMP_FILTER. That > > Should be "CONFIG_HAVE_ARCH_SECCOMP_FILTER", I hope. yes! > >> is probably an unneeded detail. >> >> ... >> >> --- a/include/asm-generic/syscall.h >> +++ b/include/asm-generic/syscall.h >> @@ -142,4 +142,18 @@ void syscall_set_arguments(struct task_struct *task, struct pt_regs *regs, >> unsigned int i, unsigned int n, >> const unsigned long *args); >> >> +/** >> + * syscall_get_arch - return the AUDIT_ARCH for the current system call >> + * @task: task of interest, must be in system call entry tracing >> + * @regs: task_pt_regs() of @task >> + * >> + * Returns the AUDIT_ARCH_* based on the system call convention in use. >> + * >> + * It's only valid to call this when @task is stopped on entry to a system >> + * call, due to %TIF_SYSCALL_TRACE, %TIF_SYSCALL_AUDIT, or %TIF_SECCOMP. >> + * >> + * Note, at present this function is only required with >> + * CONFIG_HAVE_ARCH_SECCOMP_FILTER. >> + */ >> +int syscall_get_arch(struct task_struct *task, struct pt_regs *regs); >> #endif /* _ASM_SYSCALL_H */ > > So architectures which permit CONFIG_HAVE_ARCH_SECCOMP_FILTER must > provide an implementation of this. Much better wording. In practice, many of the existing places that audit arch is needed already know the calling convention because they happen in asm or have hardcoded values. It may be that other consumers may want this information later, like ftrace, but I'm not sure of any that will immediately benefit from it right now. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists