From: 蔡正龙 <zhenglong.cai@cs2c.com.cn>
To: Matt Turner <mattst88@gmail.com>
Cc: LKML <linux-kernel@vger.kernel.org>,
linux-alpha <linux-alpha@vger.kernel.org>
Subject: Re: [alpha PATCH] enable syscall audit function at alpha architecture
Date: Thu, 12 Dec 2013 16:07:26 +0800 [thread overview]
Message-ID: <1386835646.2652.5.camel@localhost.localdomain> (raw)
In-Reply-To: <CAEdQ38Fyrr6Dg8A50+JzAF1qXUbVnsWdEjAQxePozhqWJvN=Tw@mail.gmail.com>
Dear Matt,
I have found one missing part for the patch, i missed init/Kconfig,
sorry for my mistake.
The updated patch as below:
arch/alpha/Kconfig | 3 +++
arch/alpha/include/asm/ptrace.h | 5 +++++
arch/alpha/include/asm/thread_info.h | 2 ++
arch/alpha/kernel/Makefile | 1 +
arch/alpha/kernel/entry.S | 6 +++++-
arch/alpha/kernel/ptrace.c | 4 ++++
init/Kconfig | 2 +-
7 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/arch/alpha/Kconfig b/arch/alpha/Kconfig
index d39dc9b..f23ab8b 100644
--- a/arch/alpha/Kconfig
+++ b/arch/alpha/Kconfig
@@ -16,6 +16,7 @@ config ALPHA
select ARCH_WANT_IPC_PARSE_VERSION
select ARCH_HAVE_NMI_SAFE_CMPXCHG
select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE
+ select AUDIT_ARCH
select GENERIC_CLOCKEVENTS
select GENERIC_SMP_IDLE_THREAD
select GENERIC_STRNCPY_FROM_USER
@@ -76,6 +77,8 @@ config GENERIC_ISA_DMA
source "init/Kconfig"
source "kernel/Kconfig.freezer"
+config AUDIT_ARCH
+ bool
menu "System setup"
diff --git a/arch/alpha/include/asm/ptrace.h
b/arch/alpha/include/asm/ptrace.h
index 2112850..9047c2f 100644
--- a/arch/alpha/include/asm/ptrace.h
+++ b/arch/alpha/include/asm/ptrace.h
@@ -19,4 +19,9 @@
#define force_successful_syscall_return() (current_pt_regs()->r0 = 0)
+static inline unsigned long regs_return_value(struct pt_regs *regs)
+{
+ return regs->r0;
+}
+
#endif
diff --git a/arch/alpha/include/asm/thread_info.h
b/arch/alpha/include/asm/thread_info.h
index 453597b..3d6ce6d 100644
--- a/arch/alpha/include/asm/thread_info.h
+++ b/arch/alpha/include/asm/thread_info.h
@@ -70,6 +70,7 @@ register struct thread_info *__current_thread_info
__asm__("$8");
#define TIF_NOTIFY_RESUME 1 /* callback before returning to user */
#define TIF_SIGPENDING 2 /* signal pending */
#define TIF_NEED_RESCHED 3 /* rescheduling necessary */
+#define TIF_SYSCALL_AUDIT 4 /* syscall audit active */
#define TIF_DIE_IF_KERNEL 9 /* dik recursion lock */
#define TIF_MEMDIE 13 /* is terminating due to OOM killer */
@@ -77,6 +78,7 @@ register struct thread_info *__current_thread_info
__asm__("$8");
#define _TIF_SIGPENDING (1<<TIF_SIGPENDING)
#define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED)
#define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME)
+#define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT)
/* Work to do on interrupt/exception return. */
#define _TIF_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \
diff --git a/arch/alpha/kernel/Makefile b/arch/alpha/kernel/Makefile
index 0d54650..3ecac01 100644
--- a/arch/alpha/kernel/Makefile
+++ b/arch/alpha/kernel/Makefile
@@ -17,6 +17,7 @@ obj-$(CONFIG_SRM_ENV) += srm_env.o
obj-$(CONFIG_MODULES) += module.o
obj-$(CONFIG_PERF_EVENTS) += perf_event.o
obj-$(CONFIG_RTC_DRV_ALPHA) += rtc.o
+obj-$(CONFIG_AUDIT) += audit.o
ifdef CONFIG_ALPHA_GENERIC
diff --git a/arch/alpha/kernel/entry.S b/arch/alpha/kernel/entry.S
index a969b95..98703d9 100644
--- a/arch/alpha/kernel/entry.S
+++ b/arch/alpha/kernel/entry.S
@@ -465,7 +465,11 @@ entSys:
.cfi_rel_offset $16, SP_OFF+24
.cfi_rel_offset $17, SP_OFF+32
.cfi_rel_offset $18, SP_OFF+40
- blbs $3, strace
+#ifdef CONFIG_AUDITSYSCALL
+ lda $6, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT
+ and $3, $6, $3
+#endif
+ bne $3, strace
beq $4, 1f
ldq $27, 0($5)
1: jsr $26, ($27), alpha_ni_syscall
diff --git a/arch/alpha/kernel/ptrace.c b/arch/alpha/kernel/ptrace.c
index 2a4a80f..86d8351 100644
--- a/arch/alpha/kernel/ptrace.c
+++ b/arch/alpha/kernel/ptrace.c
@@ -14,6 +14,7 @@
#include <linux/security.h>
#include <linux/signal.h>
#include <linux/tracehook.h>
+#include <linux/audit.h>
#include <asm/uaccess.h>
#include <asm/pgtable.h>
@@ -316,15 +317,18 @@ long arch_ptrace(struct task_struct *child, long
request,
asmlinkage unsigned long syscall_trace_enter(void)
{
unsigned long ret = 0;
+ struct pt_regs *regs = current_pt_regs();
if (test_thread_flag(TIF_SYSCALL_TRACE) &&
tracehook_report_syscall_entry(current_pt_regs()))
ret = -1UL;
+ audit_syscall_entry(AUDIT_ARCH_ALPHA, regs->r0, regs->r16, regs->r17,
regs->r18, regs->r19);
return ret ?: current_pt_regs()->r0;
}
asmlinkage void
syscall_trace_leave(void)
{
+ audit_syscall_exit(current_pt_regs());
if (test_thread_flag(TIF_SYSCALL_TRACE))
tracehook_report_syscall_exit(current_pt_regs(), 0);
}
diff --git a/init/Kconfig b/init/Kconfig
index 79383d3..e58a6d8 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -284,7 +284,7 @@ config AUDIT
config AUDITSYSCALL
bool "Enable system-call auditing support"
- depends on AUDIT && (X86 || PARISC || PPC || S390 || IA64 || UML ||
SPARC64 || SUPERH || (ARM && AEABI && !OABI_COMPAT))
+ depends on AUDIT && (X86 || PARISC || PPC || S390 || IA64 || UML ||
SPARC64 || SUPERH || (ARM && AEABI && !OABI_COMPAT) || ALPHA)
default y if SECURITY_SELINUX
help
Enable low-overhead system-call auditing infrastructure that
在 2013-12-09一的 19:09 -0800,Matt Turner写道:
> On Mon, Dec 9, 2013 at 6:24 PM, 蔡正龙 <zhenglong.cai@cs2c.com.cn> wrote:
> > Enable system-call auditing support at alpha architecture
> >
> > Signed-off-by: Zhenglong.cai <zhenglong.cai@cs2c.com.cn>
> >
> > arch/alpha/Kconfig | 3 +++
> > arch/alpha/include/asm/ptrace.h | 5 +++++
> > arch/alpha/include/asm/thread_info.h | 2 ++
> > arch/alpha/kernel/Makefile | 1 +
> > arch/alpha/kernel/entry.S | 6 +++++-
> > arch/alpha/kernel/ptrace.c | 4 ++++
> > 6 files changed, 20 insertions(+), 1 deletions(-)
> >
> > diff --git a/arch/alpha/Kconfig b/arch/alpha/Kconfig
> > index d39dc9b..f23ab8b 100644
> > --- a/arch/alpha/Kconfig
> > +++ b/arch/alpha/Kconfig
> > @@ -16,6 +16,7 @@ config ALPHA
> > select ARCH_WANT_IPC_PARSE_VERSION
> > select ARCH_HAVE_NMI_SAFE_CMPXCHG
> > select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE
> > + select AUDIT_ARCH
> > select GENERIC_CLOCKEVENTS
> > select GENERIC_SMP_IDLE_THREAD
> > select GENERIC_STRNCPY_FROM_USER
> > @@ -76,6 +77,8 @@ config GENERIC_ISA_DMA
> > source "init/Kconfig"
> > source "kernel/Kconfig.freezer"
> >
> > +config AUDIT_ARCH
> > + bool
> >
> > menu "System setup"
> >
> > diff --git a/arch/alpha/include/asm/ptrace.h
> > b/arch/alpha/include/asm/ptrace.h
> > index 2112850..9047c2f 100644
> > --- a/arch/alpha/include/asm/ptrace.h
> > +++ b/arch/alpha/include/asm/ptrace.h
> > @@ -19,4 +19,9 @@
> >
> > #define force_successful_syscall_return() (current_pt_regs()->r0 = 0)
> >
> > +static inline unsigned long regs_return_value(struct pt_regs *regs)
> > +{
> > + return regs->r0;
> > +}
> > +
> > #endif
> > diff --git a/arch/alpha/include/asm/thread_info.h
> > b/arch/alpha/include/asm/thread_info.h
> > index 453597b..3d6ce6d 100644
> > --- a/arch/alpha/include/asm/thread_info.h
> > +++ b/arch/alpha/include/asm/thread_info.h
> > @@ -70,6 +70,7 @@ register struct thread_info *__current_thread_info
> > __asm__("$8");
> > #define TIF_NOTIFY_RESUME 1 /* callback before returning to user */
> > #define TIF_SIGPENDING 2 /* signal pending */
> > #define TIF_NEED_RESCHED 3 /* rescheduling necessary */
> > +#define TIF_SYSCALL_AUDIT 4 /* syscall audit active */
> > #define TIF_DIE_IF_KERNEL 9 /* dik recursion lock */
> > #define TIF_MEMDIE 13 /* is terminating due to OOM killer */
> >
> > @@ -77,6 +78,7 @@ register struct thread_info *__current_thread_info
> > __asm__("$8");
> > #define _TIF_SIGPENDING (1<<TIF_SIGPENDING)
> > #define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED)
> > #define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME)
> > +#define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT)
> >
> > /* Work to do on interrupt/exception return. */
> > #define _TIF_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \
> > diff --git a/arch/alpha/kernel/Makefile b/arch/alpha/kernel/Makefile
> > index 0d54650..3ecac01 100644
> > --- a/arch/alpha/kernel/Makefile
> > +++ b/arch/alpha/kernel/Makefile
> > @@ -17,6 +17,7 @@ obj-$(CONFIG_SRM_ENV) += srm_env.o
> > obj-$(CONFIG_MODULES) += module.o
> > obj-$(CONFIG_PERF_EVENTS) += perf_event.o
> > obj-$(CONFIG_RTC_DRV_ALPHA) += rtc.o
> > +obj-$(CONFIG_AUDIT) += audit.o
> >
> > ifdef CONFIG_ALPHA_GENERIC
> >
> > diff --git a/arch/alpha/kernel/entry.S b/arch/alpha/kernel/entry.S
> > index a969b95..98703d9 100644
> > --- a/arch/alpha/kernel/entry.S
> > +++ b/arch/alpha/kernel/entry.S
> > @@ -465,7 +465,11 @@ entSys:
> > .cfi_rel_offset $16, SP_OFF+24
> > .cfi_rel_offset $17, SP_OFF+32
> > .cfi_rel_offset $18, SP_OFF+40
> > - blbs $3, strace
> > +#ifdef CONFIG_AUDITSYSCALL
> > + lda $6, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT
> > + and $3, $6, $3
> > +#endif
> > + bne $3, strace
> > beq $4, 1f
> > ldq $27, 0($5)
> > 1: jsr $26, ($27), alpha_ni_syscall
> > diff --git a/arch/alpha/kernel/ptrace.c b/arch/alpha/kernel/ptrace.c
> > index 2a4a80f..86d8351 100644
> > --- a/arch/alpha/kernel/ptrace.c
> > +++ b/arch/alpha/kernel/ptrace.c
> > @@ -14,6 +14,7 @@
> > #include <linux/security.h>
> > #include <linux/signal.h>
> > #include <linux/tracehook.h>
> > +#include <linux/audit.h>
> >
> > #include <asm/uaccess.h>
> > #include <asm/pgtable.h>
> > @@ -316,15 +317,18 @@ long arch_ptrace(struct task_struct *child, long
> > request,
> > asmlinkage unsigned long syscall_trace_enter(void)
> > {
> > unsigned long ret = 0;
> > + struct pt_regs *regs = current_pt_regs();
> > if (test_thread_flag(TIF_SYSCALL_TRACE) &&
> > tracehook_report_syscall_entry(current_pt_regs()))
> > ret = -1UL;
> > + audit_syscall_entry(AUDIT_ARCH_ALPHA, regs->r0, regs->r16, regs->r17,
> > regs->r18, regs->r19);
>
> Looks like this line was wrapped. No problem, I'll fix it before applying it.
>
> Thanks for the patch. This should allow pam support on alpha, which is
> pretty cool.
>
> I'll test and add it to my tree if all goes well.
>
> Thanks!
> Matt
>
--
公司:中标软件有限公司
姓名:蔡正龙
地址:上海市闸北区江场三路26、28号 12号楼 2楼
电话:021-51060868-8120
邮编:200436
Email: zhenglong.cai@cs2c.com.cn
--
To unsubscribe from this list: send the line "unsubscribe linux-alpha" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: 蔡正龙 <zhenglong.cai@cs2c.com.cn>
To: Matt Turner <mattst88@gmail.com>
Cc: LKML <linux-kernel@vger.kernel.org>,
linux-alpha <linux-alpha@vger.kernel.org>
Subject: Re: [alpha PATCH] enable syscall audit function at alpha architecture
Date: Thu, 12 Dec 2013 16:07:26 +0800 [thread overview]
Message-ID: <1386835646.2652.5.camel@localhost.localdomain> (raw)
In-Reply-To: <CAEdQ38Fyrr6Dg8A50+JzAF1qXUbVnsWdEjAQxePozhqWJvN=Tw@mail.gmail.com>
Dear Matt,
I have found one missing part for the patch, i missed init/Kconfig,
sorry for my mistake.
The updated patch as below:
arch/alpha/Kconfig | 3 +++
arch/alpha/include/asm/ptrace.h | 5 +++++
arch/alpha/include/asm/thread_info.h | 2 ++
arch/alpha/kernel/Makefile | 1 +
arch/alpha/kernel/entry.S | 6 +++++-
arch/alpha/kernel/ptrace.c | 4 ++++
init/Kconfig | 2 +-
7 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/arch/alpha/Kconfig b/arch/alpha/Kconfig
index d39dc9b..f23ab8b 100644
--- a/arch/alpha/Kconfig
+++ b/arch/alpha/Kconfig
@@ -16,6 +16,7 @@ config ALPHA
select ARCH_WANT_IPC_PARSE_VERSION
select ARCH_HAVE_NMI_SAFE_CMPXCHG
select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE
+ select AUDIT_ARCH
select GENERIC_CLOCKEVENTS
select GENERIC_SMP_IDLE_THREAD
select GENERIC_STRNCPY_FROM_USER
@@ -76,6 +77,8 @@ config GENERIC_ISA_DMA
source "init/Kconfig"
source "kernel/Kconfig.freezer"
+config AUDIT_ARCH
+ bool
menu "System setup"
diff --git a/arch/alpha/include/asm/ptrace.h
b/arch/alpha/include/asm/ptrace.h
index 2112850..9047c2f 100644
--- a/arch/alpha/include/asm/ptrace.h
+++ b/arch/alpha/include/asm/ptrace.h
@@ -19,4 +19,9 @@
#define force_successful_syscall_return() (current_pt_regs()->r0 = 0)
+static inline unsigned long regs_return_value(struct pt_regs *regs)
+{
+ return regs->r0;
+}
+
#endif
diff --git a/arch/alpha/include/asm/thread_info.h
b/arch/alpha/include/asm/thread_info.h
index 453597b..3d6ce6d 100644
--- a/arch/alpha/include/asm/thread_info.h
+++ b/arch/alpha/include/asm/thread_info.h
@@ -70,6 +70,7 @@ register struct thread_info *__current_thread_info
__asm__("$8");
#define TIF_NOTIFY_RESUME 1 /* callback before returning to user */
#define TIF_SIGPENDING 2 /* signal pending */
#define TIF_NEED_RESCHED 3 /* rescheduling necessary */
+#define TIF_SYSCALL_AUDIT 4 /* syscall audit active */
#define TIF_DIE_IF_KERNEL 9 /* dik recursion lock */
#define TIF_MEMDIE 13 /* is terminating due to OOM killer */
@@ -77,6 +78,7 @@ register struct thread_info *__current_thread_info
__asm__("$8");
#define _TIF_SIGPENDING (1<<TIF_SIGPENDING)
#define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED)
#define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME)
+#define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT)
/* Work to do on interrupt/exception return. */
#define _TIF_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \
diff --git a/arch/alpha/kernel/Makefile b/arch/alpha/kernel/Makefile
index 0d54650..3ecac01 100644
--- a/arch/alpha/kernel/Makefile
+++ b/arch/alpha/kernel/Makefile
@@ -17,6 +17,7 @@ obj-$(CONFIG_SRM_ENV) += srm_env.o
obj-$(CONFIG_MODULES) += module.o
obj-$(CONFIG_PERF_EVENTS) += perf_event.o
obj-$(CONFIG_RTC_DRV_ALPHA) += rtc.o
+obj-$(CONFIG_AUDIT) += audit.o
ifdef CONFIG_ALPHA_GENERIC
diff --git a/arch/alpha/kernel/entry.S b/arch/alpha/kernel/entry.S
index a969b95..98703d9 100644
--- a/arch/alpha/kernel/entry.S
+++ b/arch/alpha/kernel/entry.S
@@ -465,7 +465,11 @@ entSys:
.cfi_rel_offset $16, SP_OFF+24
.cfi_rel_offset $17, SP_OFF+32
.cfi_rel_offset $18, SP_OFF+40
- blbs $3, strace
+#ifdef CONFIG_AUDITSYSCALL
+ lda $6, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT
+ and $3, $6, $3
+#endif
+ bne $3, strace
beq $4, 1f
ldq $27, 0($5)
1: jsr $26, ($27), alpha_ni_syscall
diff --git a/arch/alpha/kernel/ptrace.c b/arch/alpha/kernel/ptrace.c
index 2a4a80f..86d8351 100644
--- a/arch/alpha/kernel/ptrace.c
+++ b/arch/alpha/kernel/ptrace.c
@@ -14,6 +14,7 @@
#include <linux/security.h>
#include <linux/signal.h>
#include <linux/tracehook.h>
+#include <linux/audit.h>
#include <asm/uaccess.h>
#include <asm/pgtable.h>
@@ -316,15 +317,18 @@ long arch_ptrace(struct task_struct *child, long
request,
asmlinkage unsigned long syscall_trace_enter(void)
{
unsigned long ret = 0;
+ struct pt_regs *regs = current_pt_regs();
if (test_thread_flag(TIF_SYSCALL_TRACE) &&
tracehook_report_syscall_entry(current_pt_regs()))
ret = -1UL;
+ audit_syscall_entry(AUDIT_ARCH_ALPHA, regs->r0, regs->r16, regs->r17,
regs->r18, regs->r19);
return ret ?: current_pt_regs()->r0;
}
asmlinkage void
syscall_trace_leave(void)
{
+ audit_syscall_exit(current_pt_regs());
if (test_thread_flag(TIF_SYSCALL_TRACE))
tracehook_report_syscall_exit(current_pt_regs(), 0);
}
diff --git a/init/Kconfig b/init/Kconfig
index 79383d3..e58a6d8 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -284,7 +284,7 @@ config AUDIT
config AUDITSYSCALL
bool "Enable system-call auditing support"
- depends on AUDIT && (X86 || PARISC || PPC || S390 || IA64 || UML ||
SPARC64 || SUPERH || (ARM && AEABI && !OABI_COMPAT))
+ depends on AUDIT && (X86 || PARISC || PPC || S390 || IA64 || UML ||
SPARC64 || SUPERH || (ARM && AEABI && !OABI_COMPAT) || ALPHA)
default y if SECURITY_SELINUX
help
Enable low-overhead system-call auditing infrastructure that
在 2013-12-09一的 19:09 -0800,Matt Turner写道:
> On Mon, Dec 9, 2013 at 6:24 PM, 蔡正龙 <zhenglong.cai@cs2c.com.cn> wrote:
> > Enable system-call auditing support at alpha architecture
> >
> > Signed-off-by: Zhenglong.cai <zhenglong.cai@cs2c.com.cn>
> >
> > arch/alpha/Kconfig | 3 +++
> > arch/alpha/include/asm/ptrace.h | 5 +++++
> > arch/alpha/include/asm/thread_info.h | 2 ++
> > arch/alpha/kernel/Makefile | 1 +
> > arch/alpha/kernel/entry.S | 6 +++++-
> > arch/alpha/kernel/ptrace.c | 4 ++++
> > 6 files changed, 20 insertions(+), 1 deletions(-)
> >
> > diff --git a/arch/alpha/Kconfig b/arch/alpha/Kconfig
> > index d39dc9b..f23ab8b 100644
> > --- a/arch/alpha/Kconfig
> > +++ b/arch/alpha/Kconfig
> > @@ -16,6 +16,7 @@ config ALPHA
> > select ARCH_WANT_IPC_PARSE_VERSION
> > select ARCH_HAVE_NMI_SAFE_CMPXCHG
> > select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE
> > + select AUDIT_ARCH
> > select GENERIC_CLOCKEVENTS
> > select GENERIC_SMP_IDLE_THREAD
> > select GENERIC_STRNCPY_FROM_USER
> > @@ -76,6 +77,8 @@ config GENERIC_ISA_DMA
> > source "init/Kconfig"
> > source "kernel/Kconfig.freezer"
> >
> > +config AUDIT_ARCH
> > + bool
> >
> > menu "System setup"
> >
> > diff --git a/arch/alpha/include/asm/ptrace.h
> > b/arch/alpha/include/asm/ptrace.h
> > index 2112850..9047c2f 100644
> > --- a/arch/alpha/include/asm/ptrace.h
> > +++ b/arch/alpha/include/asm/ptrace.h
> > @@ -19,4 +19,9 @@
> >
> > #define force_successful_syscall_return() (current_pt_regs()->r0 = 0)
> >
> > +static inline unsigned long regs_return_value(struct pt_regs *regs)
> > +{
> > + return regs->r0;
> > +}
> > +
> > #endif
> > diff --git a/arch/alpha/include/asm/thread_info.h
> > b/arch/alpha/include/asm/thread_info.h
> > index 453597b..3d6ce6d 100644
> > --- a/arch/alpha/include/asm/thread_info.h
> > +++ b/arch/alpha/include/asm/thread_info.h
> > @@ -70,6 +70,7 @@ register struct thread_info *__current_thread_info
> > __asm__("$8");
> > #define TIF_NOTIFY_RESUME 1 /* callback before returning to user */
> > #define TIF_SIGPENDING 2 /* signal pending */
> > #define TIF_NEED_RESCHED 3 /* rescheduling necessary */
> > +#define TIF_SYSCALL_AUDIT 4 /* syscall audit active */
> > #define TIF_DIE_IF_KERNEL 9 /* dik recursion lock */
> > #define TIF_MEMDIE 13 /* is terminating due to OOM killer */
> >
> > @@ -77,6 +78,7 @@ register struct thread_info *__current_thread_info
> > __asm__("$8");
> > #define _TIF_SIGPENDING (1<<TIF_SIGPENDING)
> > #define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED)
> > #define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME)
> > +#define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT)
> >
> > /* Work to do on interrupt/exception return. */
> > #define _TIF_WORK_MASK (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \
> > diff --git a/arch/alpha/kernel/Makefile b/arch/alpha/kernel/Makefile
> > index 0d54650..3ecac01 100644
> > --- a/arch/alpha/kernel/Makefile
> > +++ b/arch/alpha/kernel/Makefile
> > @@ -17,6 +17,7 @@ obj-$(CONFIG_SRM_ENV) += srm_env.o
> > obj-$(CONFIG_MODULES) += module.o
> > obj-$(CONFIG_PERF_EVENTS) += perf_event.o
> > obj-$(CONFIG_RTC_DRV_ALPHA) += rtc.o
> > +obj-$(CONFIG_AUDIT) += audit.o
> >
> > ifdef CONFIG_ALPHA_GENERIC
> >
> > diff --git a/arch/alpha/kernel/entry.S b/arch/alpha/kernel/entry.S
> > index a969b95..98703d9 100644
> > --- a/arch/alpha/kernel/entry.S
> > +++ b/arch/alpha/kernel/entry.S
> > @@ -465,7 +465,11 @@ entSys:
> > .cfi_rel_offset $16, SP_OFF+24
> > .cfi_rel_offset $17, SP_OFF+32
> > .cfi_rel_offset $18, SP_OFF+40
> > - blbs $3, strace
> > +#ifdef CONFIG_AUDITSYSCALL
> > + lda $6, _TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT
> > + and $3, $6, $3
> > +#endif
> > + bne $3, strace
> > beq $4, 1f
> > ldq $27, 0($5)
> > 1: jsr $26, ($27), alpha_ni_syscall
> > diff --git a/arch/alpha/kernel/ptrace.c b/arch/alpha/kernel/ptrace.c
> > index 2a4a80f..86d8351 100644
> > --- a/arch/alpha/kernel/ptrace.c
> > +++ b/arch/alpha/kernel/ptrace.c
> > @@ -14,6 +14,7 @@
> > #include <linux/security.h>
> > #include <linux/signal.h>
> > #include <linux/tracehook.h>
> > +#include <linux/audit.h>
> >
> > #include <asm/uaccess.h>
> > #include <asm/pgtable.h>
> > @@ -316,15 +317,18 @@ long arch_ptrace(struct task_struct *child, long
> > request,
> > asmlinkage unsigned long syscall_trace_enter(void)
> > {
> > unsigned long ret = 0;
> > + struct pt_regs *regs = current_pt_regs();
> > if (test_thread_flag(TIF_SYSCALL_TRACE) &&
> > tracehook_report_syscall_entry(current_pt_regs()))
> > ret = -1UL;
> > + audit_syscall_entry(AUDIT_ARCH_ALPHA, regs->r0, regs->r16, regs->r17,
> > regs->r18, regs->r19);
>
> Looks like this line was wrapped. No problem, I'll fix it before applying it.
>
> Thanks for the patch. This should allow pam support on alpha, which is
> pretty cool.
>
> I'll test and add it to my tree if all goes well.
>
> Thanks!
> Matt
>
--
公司:中标软件有限公司
姓名:蔡正龙
地址:上海市闸北区江场三路26、28号 12号楼 2楼
电话:021-51060868-8120
邮编:200436
Email: zhenglong.cai@cs2c.com.cn
next prev parent reply other threads:[~2013-12-12 8:07 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-10 2:24 [alpha PATCH] enable syscall audit function at alpha architecture 蔡正龙
2013-12-10 3:09 ` Matt Turner
2013-12-10 3:09 ` Matt Turner
2013-12-12 8:07 ` 蔡正龙 [this message]
2013-12-12 8:07 ` 蔡正龙
-- strict thread matches above, loose matches on Subject: below --
2013-12-09 8:20 [alpha PATCH ] " 蔡正龙
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1386835646.2652.5.camel@localhost.localdomain \
--to=zhenglong.cai@cs2c.com.cn \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mattst88@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.