| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <14bcd6dd3475d97b030ecb7044646f1b10d3205f.camel@physik.fu-berlin.de> Date: Thu, 05 Feb 2026 15:38:49 +0100 From: John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de> To: Magnus Lindholm <linmag7@...il.com>, richard.henderson@...aro.org, mattst88@...il.com, macro@...am.me.uk, macro@...hat.com, mcree@...on.net.nz, ink@...een.parts, linux-kernel@...r.kernel.org, linux-alpha@...r.kernel.org, kees@...nel.org Subject: Re: [PATCH 1/1] alpha: add support for SECCOMP and SECCOMP_FILTER Hi Magnus, On Thu, 2026-02-05 at 14:29 +0100, Magnus Lindholm wrote: > Add SECCOMP and SECCOMP_FILTER support to the Alpha architecture and fix > syscall entry and ptrace issues uncovered by the seccomp-bpf selftests. > > The syscall entry path is reworked to consistently track syscall state > using r0, r1 and r2: > - r1 holds the active syscall number > - r2 preserves the original syscall number for restart > - r0 carries the return value, with r19 (a3) indicating success/error > > This allows syscall restarts to be permitted only for valid ERESTART* > return codes and prevents kernel-internal restart values from leaking to > userspace. The syscall tracing error marker is corrected to use the saved > syscall number slot, matching the Alpha ABI. > > Additionally, implement minimal PTRACE_GETREGSET and PTRACE_SETREGSET > support for NT_PRSTATUS, exporting struct pt_regs directly. This fixes > ptrace-based seccomp tests that previously failed with -EIO. > > With these changes, seccomp-bpf and ptrace syscall tests pass reliably on > Alpha. > > Signed-off-by: Magnus Lindholm <linmag7@...il.com> > --- > arch/alpha/Kconfig | 2 + > arch/alpha/include/asm/seccomp.h | 13 +++ > arch/alpha/include/asm/syscall.h | 90 +++++++++++++++++++- > arch/alpha/include/asm/thread_info.h | 16 +++- > arch/alpha/kernel/entry.S | 123 +++++++++++++++++++++++---- > arch/alpha/kernel/ptrace.c | 83 ++++++++++++++++-- > 6 files changed, 304 insertions(+), 23 deletions(-) > create mode 100644 arch/alpha/include/asm/seccomp.h Thanks so much for working on this! Alpha and SPARC are the last two architectures in Debian that are missing full support for SECCOMP filter. Great to see that Alpha is now being worked on. FWIW, I haven't tested your patches yet, but I think you should also update the documentation in Documentation/features/seccomp/seccomp-filter/arch-support.txt. I will try to add support for Alpha in libseccomp over the weekend to test your patch. Adrian -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer `. `' Physicist `- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
Powered by blists - more mailing lists