| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202501201344.E7FBB164@keescook>
Date: Mon, 20 Jan 2025 13:48:25 -0800
From: Kees Cook <kees@...nel.org>
To: Oleg Nesterov <oleg@...hat.com>
Cc: Andy Lutomirski <luto@...capital.net>, Will Drewry <wad@...omium.org>,
Thomas Bogendoerfer <tsbogend@...ha.franken.de>,
Madhavan Srinivasan <maddy@...ux.ibm.com>,
Michael Ellerman <mpe@...erman.id.au>,
Thomas Gleixner <tglx@...utronix.de>,
Peter Zijlstra <peterz@...radead.org>, linux-kernel@...r.kernel.org,
linux-mips@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org
Subject: Re: [PATCH 1/4] seccomp/mips: change syscall_trace_enter() to use
secure_computing()
On Mon, Jan 20, 2025 at 02:44:45PM +0100, Oleg Nesterov wrote:
> arch/mips/Kconfig selects HAVE_ARCH_SECCOMP_FILTER so syscall_trace_enter()
> can just use __secure_computing(NULL) and rely on populate_seccomp_data(sd)
> and "sd == NULL" checks in __secure_computing(sd) paths.
>
> With the change above syscall_trace_enter() can just use secure_computing()
> and avoid #ifdef + test_thread_flag(TIF_SECCOMP). CONFIG_GENERIC_ENTRY is
> not defined, so test_syscall_work(SECCOMP) will check TIF_SECCOMP.
>
> Signed-off-by: Oleg Nesterov <oleg@...hat.com>
> ---
> arch/mips/kernel/ptrace.c | 20 ++------------------
> 1 file changed, 2 insertions(+), 18 deletions(-)
>
> diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c
> index 61503a36067e..f7107479c7fa 100644
> --- a/arch/mips/kernel/ptrace.c
> +++ b/arch/mips/kernel/ptrace.c
> @@ -1326,24 +1326,8 @@ asmlinkage long syscall_trace_enter(struct pt_regs *regs)
> return -1;
> }
>
> -#ifdef CONFIG_SECCOMP
> - if (unlikely(test_thread_flag(TIF_SECCOMP))) {
Yup, this test works out the same as what secure_computing() does.
> - int ret, i;
> - struct seccomp_data sd;
> - unsigned long args[6];
> -
> - sd.nr = current_thread_info()->syscall;
This matches MIPS's syscall_get_nr() in populate_seccomp_data().
> - sd.arch = syscall_get_arch(current);
> - syscall_get_arguments(current, regs, args);
> - for (i = 0; i < 6; i++)
> - sd.args[i] = args[i];
> - sd.instruction_pointer = KSTK_EIP(current);
Rest matches the rest of populate_seccomp_data().
> -
> - ret = __secure_computing(&sd);
> - if (ret == -1)
> - return ret;
> - }
> -#endif
> + if (secure_computing())
> + return -1;
>
> if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
> trace_sys_enter(regs, regs->regs[2]);
> --
So this check out logically from what I can see. I can build test it,
but I don't have MIPS emulation set up. I'd love an Ack from a MIPS
maintainer...
Reviewed-by: Kees Cook <kees@...nel.org>
--
Kees Cook
Powered by blists - more mailing lists