[PATCH 0/8] Improved seccomp-bpf support for MIPS

[PATCH 0/8] Improved seccomp-bpf support for MIPS

[Markos Chandras]

Hi,

This patch improves the existing seccomp-bpf support for MIPS.
It fixes a bug when copying system call arguments for the filter
checks and it also moves away from strict filtering to actually
use the filter supplied by the userspace process.

This patchset has been tested with libseccomp
(MIPS support not upstream yet) on mips, mipsel and mips64
and with Chromium test suite (MIPS support not upstream yet)
on mipsel.

This patchset is based on the upstream-sfr/mips-for-linux-next tree.

Markos Chandras (8):
  MIPS: asm: syscall: Fix copying system call arguments
  MIPS: asm: syscall: Add the syscall_rollback function
  MIPS: asm: syscall: Define syscall_get_arch
  MIPS: asm: thread_info: Add _TIF_SECCOMP flag
  MIPS: ptrace: Move away from secure_computing_strict
  MIPS: kernel: scalls: Skip the syscall if denied by the seccomp filter
  MIPS: seccomp: Handle indirect system calls (o32)
  MIPS: Select HAVE_ARCH_SECCOMP_FILTER

 arch/mips/Kconfig                   |  1 +
 arch/mips/include/asm/ptrace.h      |  2 +-
 arch/mips/include/asm/syscall.h     | 35 ++++++++++++++++++++++++++++++-----
 arch/mips/include/asm/thread_info.h |  3 ++-
 arch/mips/kernel/ptrace.c           | 11 ++++++-----
 arch/mips/kernel/scall32-o32.S      | 15 +++++++++++++--
 arch/mips/kernel/scall64-64.S       |  5 ++++-
 arch/mips/kernel/scall64-n32.S      |  5 ++++-
 arch/mips/kernel/scall64-o32.S      | 17 +++++++++++++++--
 9 files changed, 76 insertions(+), 18 deletions(-)

-- 
1.8.5.3

[PATCH 0/8] Improved seccomp-bpf support for MIPS

[Markos Chandras]

Hi,

This patch improves the existing seccomp-bpf support for MIPS.
It fixes a bug when copying system call arguments for the filter
checks and it also moves away from strict filtering to actually
use the filter supplied by the userspace process.

This patchset has been tested with libseccomp
(MIPS support not upstream yet) on mips, mipsel and mips64
and with Chromium test suite (MIPS support not upstream yet)
on mipsel.

This patchset is based on the upstream-sfr/mips-for-linux-next tree.

Markos Chandras (8):
  MIPS: asm: syscall: Fix copying system call arguments
  MIPS: asm: syscall: Add the syscall_rollback function
  MIPS: asm: syscall: Define syscall_get_arch
  MIPS: asm: thread_info: Add _TIF_SECCOMP flag
  MIPS: ptrace: Move away from secure_computing_strict
  MIPS: kernel: scalls: Skip the syscall if denied by the seccomp filter
  MIPS: seccomp: Handle indirect system calls (o32)
  MIPS: Select HAVE_ARCH_SECCOMP_FILTER

 arch/mips/Kconfig                   |  1 +
 arch/mips/include/asm/ptrace.h      |  2 +-
 arch/mips/include/asm/syscall.h     | 35 ++++++++++++++++++++++++++++++-----
 arch/mips/include/asm/thread_info.h |  3 ++-
 arch/mips/kernel/ptrace.c           | 11 ++++++-----
 arch/mips/kernel/scall32-o32.S      | 15 +++++++++++++--
 arch/mips/kernel/scall64-64.S       |  5 ++++-
 arch/mips/kernel/scall64-n32.S      |  5 ++++-
 arch/mips/kernel/scall64-o32.S      | 17 +++++++++++++++--
 9 files changed, 76 insertions(+), 18 deletions(-)

-- 
1.8.5.3

[PATCH 1/8] MIPS: asm: syscall: Fix copying system call arguments

[Markos Chandras]

The syscall_get_arguments function expects the arguments to be copied
to the '*args' argument but instead a local variable was used to hold
the system call argument. As a result of which, this variable was
never passed to the filter and any filter testing the system call
arguments would fail. This is fixed by passing the '*args' variable
as the destination memory for the system call arguments.

Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/syscall.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index 33e8dbf..10d98b9 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -83,11 +83,10 @@ static inline void syscall_get_arguments(struct task_struct *task,
 					 unsigned int i, unsigned int n,
 					 unsigned long *args)
 {
-	unsigned long arg;
 	int ret;
 
 	while (n--)
-		ret |= mips_get_syscall_arg(&arg, task, regs, i++);
+		ret |= mips_get_syscall_arg(args++, task, regs, i++);
 
 	/*
 	 * No way to communicate an error because this is a void function.
-- 
1.8.5.3

[PATCH 1/8] MIPS: asm: syscall: Fix copying system call arguments

[Markos Chandras]

The syscall_get_arguments function expects the arguments to be copied
to the '*args' argument but instead a local variable was used to hold
the system call argument. As a result of which, this variable was
never passed to the filter and any filter testing the system call
arguments would fail. This is fixed by passing the '*args' variable
as the destination memory for the system call arguments.

Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/syscall.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index 33e8dbf..10d98b9 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -83,11 +83,10 @@ static inline void syscall_get_arguments(struct task_struct *task,
 					 unsigned int i, unsigned int n,
 					 unsigned long *args)
 {
-	unsigned long arg;
 	int ret;
 
 	while (n--)
-		ret |= mips_get_syscall_arg(&arg, task, regs, i++);
+		ret |= mips_get_syscall_arg(args++, task, regs, i++);
 
 	/*
 	 * No way to communicate an error because this is a void function.
-- 
1.8.5.3

[PATCH 2/8] MIPS: asm: syscall: Add the syscall_rollback function

[Markos Chandras]

The syscall_rollback function is used by seccomp-bpf but it was never
added for MIPS. It doesn't need to do anything as none of the registers
are clobbered if the system call has been denied by the seccomp filter.

Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/syscall.h | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index 10d98b9..e3e2f76 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -65,6 +65,12 @@ static inline long syscall_get_return_value(struct task_struct *task,
 	return regs->regs[2];
 }
 
+static inline void syscall_rollback(struct task_struct *task,
+				    struct pt_regs *regs)
+{
+	/* Do nothing */
+}
+
 static inline void syscall_set_return_value(struct task_struct *task,
 					    struct pt_regs *regs,
 					    int error, long val)
-- 
1.8.5.3

[PATCH 2/8] MIPS: asm: syscall: Add the syscall_rollback function

[Markos Chandras]

The syscall_rollback function is used by seccomp-bpf but it was never
added for MIPS. It doesn't need to do anything as none of the registers
are clobbered if the system call has been denied by the seccomp filter.

Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/syscall.h | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index 10d98b9..e3e2f76 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -65,6 +65,12 @@ static inline long syscall_get_return_value(struct task_struct *task,
 	return regs->regs[2];
 }
 
+static inline void syscall_rollback(struct task_struct *task,
+				    struct pt_regs *regs)
+{
+	/* Do nothing */
+}
+
 static inline void syscall_set_return_value(struct task_struct *task,
 					    struct pt_regs *regs,
 					    int error, long val)
-- 
1.8.5.3

[PATCH 3/8] MIPS: asm: syscall: Define syscall_get_arch

[Markos Chandras]

This effectively renames __syscall_get_arch to syscall_get_arch
and implements a compatible interface for the seccomp API.
The seccomp code (kernel/seccomp.c) expects a syscall_get_arch
function to be defined for every architecture, so we drop
the leading underscores from the existing function.

This also makes use of the 'task' argument to determine the type
the process instead of assuming the process has the same
characteristics as the kernel it's running on.

Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/syscall.h | 6 ++++--
 arch/mips/kernel/ptrace.c       | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index e3e2f76..e7e0210 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -106,11 +106,13 @@ extern const unsigned long sys_call_table[];
 extern const unsigned long sys32_call_table[];
 extern const unsigned long sysn32_call_table[];
 
-static inline int __syscall_get_arch(void)
+static inline int syscall_get_arch(struct task_struct *task,
+				   struct pt_regs *regs)
 {
 	int arch = EM_MIPS;
 #ifdef CONFIG_64BIT
-	arch |=  __AUDIT_ARCH_64BIT;
+	if (!test_tsk_thread_flag(task, TIF_32BIT_REGS))
+		arch |= __AUDIT_ARCH_64BIT;
 #endif
 #if defined(__LITTLE_ENDIAN)
 	arch |=  __AUDIT_ARCH_LE;
diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c
index 7da9b76..fe5af54 100644
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@ -677,7 +677,7 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs)
 	if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
 		trace_sys_enter(regs, regs->regs[2]);
 
-	audit_syscall_entry(__syscall_get_arch(),
+	audit_syscall_entry(syscall_get_arch(current, regs),
 			    regs->regs[2],
 			    regs->regs[4], regs->regs[5],
 			    regs->regs[6], regs->regs[7]);
-- 
1.8.5.3

[PATCH 3/8] MIPS: asm: syscall: Define syscall_get_arch

[Markos Chandras]

This effectively renames __syscall_get_arch to syscall_get_arch
and implements a compatible interface for the seccomp API.
The seccomp code (kernel/seccomp.c) expects a syscall_get_arch
function to be defined for every architecture, so we drop
the leading underscores from the existing function.

This also makes use of the 'task' argument to determine the type
the process instead of assuming the process has the same
characteristics as the kernel it's running on.

Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/syscall.h | 6 ++++--
 arch/mips/kernel/ptrace.c       | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index e3e2f76..e7e0210 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -106,11 +106,13 @@ extern const unsigned long sys_call_table[];
 extern const unsigned long sys32_call_table[];
 extern const unsigned long sysn32_call_table[];
 
-static inline int __syscall_get_arch(void)
+static inline int syscall_get_arch(struct task_struct *task,
+				   struct pt_regs *regs)
 {
 	int arch = EM_MIPS;
 #ifdef CONFIG_64BIT
-	arch |=  __AUDIT_ARCH_64BIT;
+	if (!test_tsk_thread_flag(task, TIF_32BIT_REGS))
+		arch |= __AUDIT_ARCH_64BIT;
 #endif
 #if defined(__LITTLE_ENDIAN)
 	arch |=  __AUDIT_ARCH_LE;
diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c
index 7da9b76..fe5af54 100644
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@ -677,7 +677,7 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs)
 	if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
 		trace_sys_enter(regs, regs->regs[2]);
 
-	audit_syscall_entry(__syscall_get_arch(),
+	audit_syscall_entry(syscall_get_arch(current, regs),
 			    regs->regs[2],
 			    regs->regs[4], regs->regs[5],
 			    regs->regs[6], regs->regs[7]);
-- 
1.8.5.3

[PATCH 4/8] MIPS: asm: thread_info: Add _TIF_SECCOMP flag

[Markos Chandras]

Add _TIF_SECCOMP flag to _TIF_WORK_SYSCALL_ENTRY to indicate
that the system call needs to be checked against a seccomp filter.

Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/thread_info.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h
index 24846f9..e80ae50 100644
--- a/arch/mips/include/asm/thread_info.h
+++ b/arch/mips/include/asm/thread_info.h
@@ -136,7 +136,8 @@ static inline struct thread_info *current_thread_info(void)
 #define _TIF_SYSCALL_TRACEPOINT	(1<<TIF_SYSCALL_TRACEPOINT)
 
 #define _TIF_WORK_SYSCALL_ENTRY	(_TIF_NOHZ | _TIF_SYSCALL_TRACE |	\
-				 _TIF_SYSCALL_AUDIT | _TIF_SYSCALL_TRACEPOINT)
+				 _TIF_SYSCALL_AUDIT | \
+				 _TIF_SYSCALL_TRACEPOINT | _TIF_SECCOMP)
 
 /* work to do in syscall_trace_leave() */
 #define _TIF_WORK_SYSCALL_EXIT	(_TIF_NOHZ | _TIF_SYSCALL_TRACE |	\
-- 
1.8.5.3

[PATCH 4/8] MIPS: asm: thread_info: Add _TIF_SECCOMP flag

[Markos Chandras]

Add _TIF_SECCOMP flag to _TIF_WORK_SYSCALL_ENTRY to indicate
that the system call needs to be checked against a seccomp filter.

Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/thread_info.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h
index 24846f9..e80ae50 100644
--- a/arch/mips/include/asm/thread_info.h
+++ b/arch/mips/include/asm/thread_info.h
@@ -136,7 +136,8 @@ static inline struct thread_info *current_thread_info(void)
 #define _TIF_SYSCALL_TRACEPOINT	(1<<TIF_SYSCALL_TRACEPOINT)
 
 #define _TIF_WORK_SYSCALL_ENTRY	(_TIF_NOHZ | _TIF_SYSCALL_TRACE |	\
-				 _TIF_SYSCALL_AUDIT | _TIF_SYSCALL_TRACEPOINT)
+				 _TIF_SYSCALL_AUDIT | \
+				 _TIF_SYSCALL_TRACEPOINT | _TIF_SECCOMP)
 
 /* work to do in syscall_trace_leave() */
 #define _TIF_WORK_SYSCALL_EXIT	(_TIF_NOHZ | _TIF_SYSCALL_TRACE |	\
-- 
1.8.5.3

[PATCH 5/8] MIPS: ptrace: Move away from secure_computing_strict

[Markos Chandras]

MIPS now has the infrastructure for dynamic seccomp-bpf
filtering

Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/ptrace.h |  2 +-
 arch/mips/kernel/ptrace.c      | 10 ++++++----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/arch/mips/include/asm/ptrace.h b/arch/mips/include/asm/ptrace.h
index 7bba9da..84257df 100644
--- a/arch/mips/include/asm/ptrace.h
+++ b/arch/mips/include/asm/ptrace.h
@@ -82,7 +82,7 @@ static inline long regs_return_value(struct pt_regs *regs)
 #define instruction_pointer(regs) ((regs)->cp0_epc)
 #define profile_pc(regs) instruction_pointer(regs)
 
-extern asmlinkage void syscall_trace_enter(struct pt_regs *regs);
+extern asmlinkage long syscall_trace_enter(struct pt_regs *regs);
 extern asmlinkage void syscall_trace_leave(struct pt_regs *regs);
 
 extern void die(const char *, struct pt_regs *) __noreturn;
diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c
index fe5af54..7f9bcaa 100644
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@ -662,13 +662,14 @@ long arch_ptrace(struct task_struct *child, long request,
  * Notification of system call entry/exit
  * - triggered by current->work.syscall_trace
  */
-asmlinkage void syscall_trace_enter(struct pt_regs *regs)
+asmlinkage long syscall_trace_enter(struct pt_regs *regs)
 {
+	long syscall = regs->regs[2];
 	long ret = 0;
 	user_exit();
 
-	/* do the secure computing check first */
-	secure_computing_strict(regs->regs[2]);
+	if (secure_computing(syscall) == -1)
+		return -1;
 
 	if (test_thread_flag(TIF_SYSCALL_TRACE) &&
 	    tracehook_report_syscall_entry(regs))
@@ -678,9 +679,10 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs)
 		trace_sys_enter(regs, regs->regs[2]);
 
 	audit_syscall_entry(syscall_get_arch(current, regs),
-			    regs->regs[2],
+			    syscall,
 			    regs->regs[4], regs->regs[5],
 			    regs->regs[6], regs->regs[7]);
+	return syscall;
 }
 
 /*
-- 
1.8.5.3

[PATCH 5/8] MIPS: ptrace: Move away from secure_computing_strict

[Markos Chandras]

MIPS now has the infrastructure for dynamic seccomp-bpf
filtering

Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/ptrace.h |  2 +-
 arch/mips/kernel/ptrace.c      | 10 ++++++----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/arch/mips/include/asm/ptrace.h b/arch/mips/include/asm/ptrace.h
index 7bba9da..84257df 100644
--- a/arch/mips/include/asm/ptrace.h
+++ b/arch/mips/include/asm/ptrace.h
@@ -82,7 +82,7 @@ static inline long regs_return_value(struct pt_regs *regs)
 #define instruction_pointer(regs) ((regs)->cp0_epc)
 #define profile_pc(regs) instruction_pointer(regs)
 
-extern asmlinkage void syscall_trace_enter(struct pt_regs *regs);
+extern asmlinkage long syscall_trace_enter(struct pt_regs *regs);
 extern asmlinkage void syscall_trace_leave(struct pt_regs *regs);
 
 extern void die(const char *, struct pt_regs *) __noreturn;
diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c
index fe5af54..7f9bcaa 100644
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@ -662,13 +662,14 @@ long arch_ptrace(struct task_struct *child, long request,
  * Notification of system call entry/exit
  * - triggered by current->work.syscall_trace
  */
-asmlinkage void syscall_trace_enter(struct pt_regs *regs)
+asmlinkage long syscall_trace_enter(struct pt_regs *regs)
 {
+	long syscall = regs->regs[2];
 	long ret = 0;
 	user_exit();
 
-	/* do the secure computing check first */
-	secure_computing_strict(regs->regs[2]);
+	if (secure_computing(syscall) == -1)
+		return -1;
 
 	if (test_thread_flag(TIF_SYSCALL_TRACE) &&
 	    tracehook_report_syscall_entry(regs))
@@ -678,9 +679,10 @@ asmlinkage void syscall_trace_enter(struct pt_regs *regs)
 		trace_sys_enter(regs, regs->regs[2]);
 
 	audit_syscall_entry(syscall_get_arch(current, regs),
-			    regs->regs[2],
+			    syscall,
 			    regs->regs[4], regs->regs[5],
 			    regs->regs[6], regs->regs[7]);
+	return syscall;
 }
 
 /*
-- 
1.8.5.3

[PATCH 6/8] MIPS: kernel: scalls: Skip the syscall if denied by the seccomp filter

[Markos Chandras]

Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/kernel/scall32-o32.S | 4 +++-
 arch/mips/kernel/scall64-64.S  | 4 +++-
 arch/mips/kernel/scall64-n32.S | 4 +++-
 arch/mips/kernel/scall64-o32.S | 4 +++-
 4 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S
index e8e541b..ce6a1cc 100644
--- a/arch/mips/kernel/scall32-o32.S
+++ b/arch/mips/kernel/scall32-o32.S
@@ -120,6 +120,8 @@ syscall_trace_entry:
 	move	a0, sp
 	jal	syscall_trace_enter
 
+	bltz	v0, 2f			# seccomp failed? Skip syscall
+
 	move	t0, s0
 	RESTORE_STATIC
 	lw	a0, PT_R4(sp)		# Restore argument registers
@@ -138,7 +140,7 @@ syscall_trace_entry:
 	sw	t1, PT_R0(sp)		# save it for syscall restarting
 1:	sw	v0, PT_R2(sp)		# result
 
-	j	syscall_exit
+2:	j	syscall_exit
 
 /* ------------------------------------------------------------------------ */
 
diff --git a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S
index 57e3742..88372a1 100644
--- a/arch/mips/kernel/scall64-64.S
+++ b/arch/mips/kernel/scall64-64.S
@@ -82,6 +82,8 @@ syscall_trace_entry:
 	move	a0, sp
 	jal	syscall_trace_enter
 
+	bltz	v0, 2f			# seccomp failed? Skip syscall
+
 	move	t0, s0
 	RESTORE_STATIC
 	ld	a0, PT_R4(sp)		# Restore argument registers
@@ -102,7 +104,7 @@ syscall_trace_entry:
 	sd	t1, PT_R0(sp)		# save it for syscall restarting
 1:	sd	v0, PT_R2(sp)		# result
 
-	j	syscall_exit
+2:	j	syscall_exit
 
 illegal_syscall:
 	/* This also isn't a 64-bit syscall, throw an error.  */
diff --git a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S
index 2f48f59..d79d880 100644
--- a/arch/mips/kernel/scall64-n32.S
+++ b/arch/mips/kernel/scall64-n32.S
@@ -74,6 +74,8 @@ n32_syscall_trace_entry:
 	move	a0, sp
 	jal	syscall_trace_enter
 
+	bltz	v0, 2f			# seccomp failed? Skip syscall
+
 	move	t0, s0
 	RESTORE_STATIC
 	ld	a0, PT_R4(sp)		# Restore argument registers
@@ -94,7 +96,7 @@ n32_syscall_trace_entry:
 	sd	t1, PT_R0(sp)		# save it for syscall restarting
 1:	sd	v0, PT_R2(sp)		# result
 
-	j	syscall_exit
+2:	j	syscall_exit
 
 not_n32_scall:
 	/* This is not an n32 compatibility syscall, pass it on to
diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S
index f1acdb4..375a72b 100644
--- a/arch/mips/kernel/scall64-o32.S
+++ b/arch/mips/kernel/scall64-o32.S
@@ -114,6 +114,8 @@ trace_a_syscall:
 	move	a0, sp
 	jal	syscall_trace_enter
 
+	bltz	v0, 2f			# seccomp failed? Skip syscall
+
 	move	t0, s0
 	RESTORE_STATIC
 	ld	a0, PT_R4(sp)		# Restore argument registers
@@ -136,7 +138,7 @@ trace_a_syscall:
 	sd	t1, PT_R0(sp)		# save it for syscall restarting
 1:	sd	v0, PT_R2(sp)		# result
 
-	j	syscall_exit
+2:	j	syscall_exit
 
 /* ------------------------------------------------------------------------ */
 
-- 
1.8.5.3

[PATCH 6/8] MIPS: kernel: scalls: Skip the syscall if denied by the seccomp filter

[Markos Chandras]

Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/kernel/scall32-o32.S | 4 +++-
 arch/mips/kernel/scall64-64.S  | 4 +++-
 arch/mips/kernel/scall64-n32.S | 4 +++-
 arch/mips/kernel/scall64-o32.S | 4 +++-
 4 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S
index e8e541b..ce6a1cc 100644
--- a/arch/mips/kernel/scall32-o32.S
+++ b/arch/mips/kernel/scall32-o32.S
@@ -120,6 +120,8 @@ syscall_trace_entry:
 	move	a0, sp
 	jal	syscall_trace_enter
 
+	bltz	v0, 2f			# seccomp failed? Skip syscall
+
 	move	t0, s0
 	RESTORE_STATIC
 	lw	a0, PT_R4(sp)		# Restore argument registers
@@ -138,7 +140,7 @@ syscall_trace_entry:
 	sw	t1, PT_R0(sp)		# save it for syscall restarting
 1:	sw	v0, PT_R2(sp)		# result
 
-	j	syscall_exit
+2:	j	syscall_exit
 
 /* ------------------------------------------------------------------------ */
 
diff --git a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S
index 57e3742..88372a1 100644
--- a/arch/mips/kernel/scall64-64.S
+++ b/arch/mips/kernel/scall64-64.S
@@ -82,6 +82,8 @@ syscall_trace_entry:
 	move	a0, sp
 	jal	syscall_trace_enter
 
+	bltz	v0, 2f			# seccomp failed? Skip syscall
+
 	move	t0, s0
 	RESTORE_STATIC
 	ld	a0, PT_R4(sp)		# Restore argument registers
@@ -102,7 +104,7 @@ syscall_trace_entry:
 	sd	t1, PT_R0(sp)		# save it for syscall restarting
 1:	sd	v0, PT_R2(sp)		# result
 
-	j	syscall_exit
+2:	j	syscall_exit
 
 illegal_syscall:
 	/* This also isn't a 64-bit syscall, throw an error.  */
diff --git a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S
index 2f48f59..d79d880 100644
--- a/arch/mips/kernel/scall64-n32.S
+++ b/arch/mips/kernel/scall64-n32.S
@@ -74,6 +74,8 @@ n32_syscall_trace_entry:
 	move	a0, sp
 	jal	syscall_trace_enter
 
+	bltz	v0, 2f			# seccomp failed? Skip syscall
+
 	move	t0, s0
 	RESTORE_STATIC
 	ld	a0, PT_R4(sp)		# Restore argument registers
@@ -94,7 +96,7 @@ n32_syscall_trace_entry:
 	sd	t1, PT_R0(sp)		# save it for syscall restarting
 1:	sd	v0, PT_R2(sp)		# result
 
-	j	syscall_exit
+2:	j	syscall_exit
 
 not_n32_scall:
 	/* This is not an n32 compatibility syscall, pass it on to
diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S
index f1acdb4..375a72b 100644
--- a/arch/mips/kernel/scall64-o32.S
+++ b/arch/mips/kernel/scall64-o32.S
@@ -114,6 +114,8 @@ trace_a_syscall:
 	move	a0, sp
 	jal	syscall_trace_enter
 
+	bltz	v0, 2f			# seccomp failed? Skip syscall
+
 	move	t0, s0
 	RESTORE_STATIC
 	ld	a0, PT_R4(sp)		# Restore argument registers
@@ -136,7 +138,7 @@ trace_a_syscall:
 	sd	t1, PT_R0(sp)		# save it for syscall restarting
 1:	sd	v0, PT_R2(sp)		# result
 
-	j	syscall_exit
+2:	j	syscall_exit
 
 /* ------------------------------------------------------------------------ */
 
-- 
1.8.5.3

[PATCH 7/8] MIPS: seccomp: Handle indirect system calls (o32)

[Markos Chandras]

When userland uses syscall() to perform an indirect system call
the actually system call that needs to be checked by the filter
is on the first argument. The kernel code needs to handle this case
by looking at the original syscall number in v0 and if it's
NR_syscall, then it needs to examine the first argument to
identify the real system call that will be executed.
Similarly, we need to 'virtually' shift the syscall() arguments
so the syscall_get_arguments() function can fetch the correct
arguments for the indirect system call.

Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/ptrace.h  |  2 +-
 arch/mips/include/asm/syscall.h | 20 +++++++++++++++++++-
 arch/mips/kernel/ptrace.c       |  3 +--
 arch/mips/kernel/scall32-o32.S  | 11 ++++++++++-
 arch/mips/kernel/scall64-64.S   |  1 +
 arch/mips/kernel/scall64-n32.S  |  1 +
 arch/mips/kernel/scall64-o32.S  | 13 ++++++++++++-
 7 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/arch/mips/include/asm/ptrace.h b/arch/mips/include/asm/ptrace.h
index 84257df..bf1ac8d3 100644
--- a/arch/mips/include/asm/ptrace.h
+++ b/arch/mips/include/asm/ptrace.h
@@ -82,7 +82,7 @@ static inline long regs_return_value(struct pt_regs *regs)
 #define instruction_pointer(regs) ((regs)->cp0_epc)
 #define profile_pc(regs) instruction_pointer(regs)
 
-extern asmlinkage long syscall_trace_enter(struct pt_regs *regs);
+extern asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall);
 extern asmlinkage void syscall_trace_leave(struct pt_regs *regs);
 
 extern void die(const char *, struct pt_regs *) __noreturn;
diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index e7e0210..3073978 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -19,11 +19,22 @@
 #include <linux/sched.h>
 #include <linux/uaccess.h>
 #include <asm/ptrace.h>
+#include <asm/unistd.h>
+
+#ifndef __NR_syscall /* Only defined if _MIPS_SIM == _MIPS_SIM_ABI32 */
+#define __NR_syscall 4000
+#endif
 
 static inline long syscall_get_nr(struct task_struct *task,
 				  struct pt_regs *regs)
 {
-	return regs->regs[2];
+	/* O32 ABI syscall() - Either 64-bit with O32 or 32-bit */
+	if ((config_enabled(CONFIG_32BIT) ||
+	    test_tsk_thread_flag(task, TIF_32BIT_REGS)) &&
+	    (regs->regs[2] == __NR_syscall))
+		return regs->regs[4];
+	else
+		return regs->regs[2];
 }
 
 static inline unsigned long mips_get_syscall_arg(unsigned long *arg,
@@ -90,6 +101,13 @@ static inline void syscall_get_arguments(struct task_struct *task,
 					 unsigned long *args)
 {
 	int ret;
+	/* O32 ABI syscall() - Either 64-bit with O32 or 32-bit */
+	if ((config_enabled(CONFIG_32BIT) ||
+	    test_tsk_thread_flag(task, TIF_32BIT_REGS)) &&
+	    (regs->regs[2] == __NR_syscall)) {
+		i++;
+		n++;
+	}
 
 	while (n--)
 		ret |= mips_get_syscall_arg(args++, task, regs, i++);
diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c
index 7f9bcaa..a17a702 100644
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@ -662,9 +662,8 @@ long arch_ptrace(struct task_struct *child, long request,
  * Notification of system call entry/exit
  * - triggered by current->work.syscall_trace
  */
-asmlinkage long syscall_trace_enter(struct pt_regs *regs)
+asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall)
 {
-	long syscall = regs->regs[2];
 	long ret = 0;
 	user_exit();
 
diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S
index ce6a1cc..0b1d70e 100644
--- a/arch/mips/kernel/scall32-o32.S
+++ b/arch/mips/kernel/scall32-o32.S
@@ -118,7 +118,16 @@ syscall_trace_entry:
 	SAVE_STATIC
 	move	s0, t2
 	move	a0, sp
-	jal	syscall_trace_enter
+
+	/*
+	 * syscall number is in v0 unless we called syscall(__NR_###)
+	 * where the real syscall number is in a0
+	 */
+	addiu	a1, v0,  __NR_O32_Linux
+	bnez	v0, 1f /* __NR_syscall at offset 0 */
+	lw	a1, PT_R4(sp)
+
+1:	jal	syscall_trace_enter
 
 	bltz	v0, 2f			# seccomp failed? Skip syscall
 
diff --git a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S
index 88372a1..3d59f12 100644
--- a/arch/mips/kernel/scall64-64.S
+++ b/arch/mips/kernel/scall64-64.S
@@ -80,6 +80,7 @@ syscall_trace_entry:
 	SAVE_STATIC
 	move	s0, t2
 	move	a0, sp
+	daddiu	a1, v0, __NR_64_Linux
 	jal	syscall_trace_enter
 
 	bltz	v0, 2f			# seccomp failed? Skip syscall
diff --git a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S
index d79d880..1dd21e5 100644
--- a/arch/mips/kernel/scall64-n32.S
+++ b/arch/mips/kernel/scall64-n32.S
@@ -72,6 +72,7 @@ n32_syscall_trace_entry:
 	SAVE_STATIC
 	move	s0, t2
 	move	a0, sp
+	daddiu	a1, v0, __NR_N32_Linux
 	jal	syscall_trace_enter
 
 	bltz	v0, 2f			# seccomp failed? Skip syscall
diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S
index 375a72b..4405f5a 100644
--- a/arch/mips/kernel/scall64-o32.S
+++ b/arch/mips/kernel/scall64-o32.S
@@ -112,7 +112,18 @@ trace_a_syscall:
 
 	move	s0, t2			# Save syscall pointer
 	move	a0, sp
-	jal	syscall_trace_enter
+	/*
+	 * syscall number is in v0 unless we called syscall(__NR_###)
+	 * where the real syscall number is in a0
+	 * note: NR_syscall is the first O32 syscall but the macro is
+	 * only defined when compiling with -mabi=32 (CONFIG_32BIT)
+	 * therefore __NR_O32_Linux is used (4000)
+	 */
+	addiu	a1, v0,  __NR_O32_Linux
+	bnez	v0, 1f /* __NR_syscall at offset 0 */
+	lw	a1, PT_R4(sp)
+
+1:	jal	syscall_trace_enter
 
 	bltz	v0, 2f			# seccomp failed? Skip syscall
 
-- 
1.8.5.3

[PATCH 7/8] MIPS: seccomp: Handle indirect system calls (o32)

[Markos Chandras]

When userland uses syscall() to perform an indirect system call
the actually system call that needs to be checked by the filter
is on the first argument. The kernel code needs to handle this case
by looking at the original syscall number in v0 and if it's
NR_syscall, then it needs to examine the first argument to
identify the real system call that will be executed.
Similarly, we need to 'virtually' shift the syscall() arguments
so the syscall_get_arguments() function can fetch the correct
arguments for the indirect system call.

Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/include/asm/ptrace.h  |  2 +-
 arch/mips/include/asm/syscall.h | 20 +++++++++++++++++++-
 arch/mips/kernel/ptrace.c       |  3 +--
 arch/mips/kernel/scall32-o32.S  | 11 ++++++++++-
 arch/mips/kernel/scall64-64.S   |  1 +
 arch/mips/kernel/scall64-n32.S  |  1 +
 arch/mips/kernel/scall64-o32.S  | 13 ++++++++++++-
 7 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/arch/mips/include/asm/ptrace.h b/arch/mips/include/asm/ptrace.h
index 84257df..bf1ac8d3 100644
--- a/arch/mips/include/asm/ptrace.h
+++ b/arch/mips/include/asm/ptrace.h
@@ -82,7 +82,7 @@ static inline long regs_return_value(struct pt_regs *regs)
 #define instruction_pointer(regs) ((regs)->cp0_epc)
 #define profile_pc(regs) instruction_pointer(regs)
 
-extern asmlinkage long syscall_trace_enter(struct pt_regs *regs);
+extern asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall);
 extern asmlinkage void syscall_trace_leave(struct pt_regs *regs);
 
 extern void die(const char *, struct pt_regs *) __noreturn;
diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index e7e0210..3073978 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -19,11 +19,22 @@
 #include <linux/sched.h>
 #include <linux/uaccess.h>
 #include <asm/ptrace.h>
+#include <asm/unistd.h>
+
+#ifndef __NR_syscall /* Only defined if _MIPS_SIM == _MIPS_SIM_ABI32 */
+#define __NR_syscall 4000
+#endif
 
 static inline long syscall_get_nr(struct task_struct *task,
 				  struct pt_regs *regs)
 {
-	return regs->regs[2];
+	/* O32 ABI syscall() - Either 64-bit with O32 or 32-bit */
+	if ((config_enabled(CONFIG_32BIT) ||
+	    test_tsk_thread_flag(task, TIF_32BIT_REGS)) &&
+	    (regs->regs[2] == __NR_syscall))
+		return regs->regs[4];
+	else
+		return regs->regs[2];
 }
 
 static inline unsigned long mips_get_syscall_arg(unsigned long *arg,
@@ -90,6 +101,13 @@ static inline void syscall_get_arguments(struct task_struct *task,
 					 unsigned long *args)
 {
 	int ret;
+	/* O32 ABI syscall() - Either 64-bit with O32 or 32-bit */
+	if ((config_enabled(CONFIG_32BIT) ||
+	    test_tsk_thread_flag(task, TIF_32BIT_REGS)) &&
+	    (regs->regs[2] == __NR_syscall)) {
+		i++;
+		n++;
+	}
 
 	while (n--)
 		ret |= mips_get_syscall_arg(args++, task, regs, i++);
diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c
index 7f9bcaa..a17a702 100644
--- a/arch/mips/kernel/ptrace.c
+++ b/arch/mips/kernel/ptrace.c
@@ -662,9 +662,8 @@ long arch_ptrace(struct task_struct *child, long request,
  * Notification of system call entry/exit
  * - triggered by current->work.syscall_trace
  */
-asmlinkage long syscall_trace_enter(struct pt_regs *regs)
+asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall)
 {
-	long syscall = regs->regs[2];
 	long ret = 0;
 	user_exit();
 
diff --git a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S
index ce6a1cc..0b1d70e 100644
--- a/arch/mips/kernel/scall32-o32.S
+++ b/arch/mips/kernel/scall32-o32.S
@@ -118,7 +118,16 @@ syscall_trace_entry:
 	SAVE_STATIC
 	move	s0, t2
 	move	a0, sp
-	jal	syscall_trace_enter
+
+	/*
+	 * syscall number is in v0 unless we called syscall(__NR_###)
+	 * where the real syscall number is in a0
+	 */
+	addiu	a1, v0,  __NR_O32_Linux
+	bnez	v0, 1f /* __NR_syscall at offset 0 */
+	lw	a1, PT_R4(sp)
+
+1:	jal	syscall_trace_enter
 
 	bltz	v0, 2f			# seccomp failed? Skip syscall
 
diff --git a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S
index 88372a1..3d59f12 100644
--- a/arch/mips/kernel/scall64-64.S
+++ b/arch/mips/kernel/scall64-64.S
@@ -80,6 +80,7 @@ syscall_trace_entry:
 	SAVE_STATIC
 	move	s0, t2
 	move	a0, sp
+	daddiu	a1, v0, __NR_64_Linux
 	jal	syscall_trace_enter
 
 	bltz	v0, 2f			# seccomp failed? Skip syscall
diff --git a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S
index d79d880..1dd21e5 100644
--- a/arch/mips/kernel/scall64-n32.S
+++ b/arch/mips/kernel/scall64-n32.S
@@ -72,6 +72,7 @@ n32_syscall_trace_entry:
 	SAVE_STATIC
 	move	s0, t2
 	move	a0, sp
+	daddiu	a1, v0, __NR_N32_Linux
 	jal	syscall_trace_enter
 
 	bltz	v0, 2f			# seccomp failed? Skip syscall
diff --git a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S
index 375a72b..4405f5a 100644
--- a/arch/mips/kernel/scall64-o32.S
+++ b/arch/mips/kernel/scall64-o32.S
@@ -112,7 +112,18 @@ trace_a_syscall:
 
 	move	s0, t2			# Save syscall pointer
 	move	a0, sp
-	jal	syscall_trace_enter
+	/*
+	 * syscall number is in v0 unless we called syscall(__NR_###)
+	 * where the real syscall number is in a0
+	 * note: NR_syscall is the first O32 syscall but the macro is
+	 * only defined when compiling with -mabi=32 (CONFIG_32BIT)
+	 * therefore __NR_O32_Linux is used (4000)
+	 */
+	addiu	a1, v0,  __NR_O32_Linux
+	bnez	v0, 1f /* __NR_syscall at offset 0 */
+	lw	a1, PT_R4(sp)
+
+1:	jal	syscall_trace_enter
 
 	bltz	v0, 2f			# seccomp failed? Skip syscall
 
-- 
1.8.5.3

[PATCH 8/8] MIPS: Select HAVE_ARCH_SECCOMP_FILTER

[Markos Chandras]

Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/Kconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig
index f4c78c9..f1fac99 100644
--- a/arch/mips/Kconfig
+++ b/arch/mips/Kconfig
@@ -9,6 +9,7 @@ config MIPS
 	select HAVE_PERF_EVENTS
 	select PERF_USE_VMALLOC
 	select HAVE_ARCH_KGDB
+	select HAVE_ARCH_SECCOMP_FILTER
 	select HAVE_ARCH_TRACEHOOK
 	select ARCH_HAVE_CUSTOM_GPIO_H
 	select HAVE_FUNCTION_TRACER
-- 
1.8.5.3

[PATCH 8/8] MIPS: Select HAVE_ARCH_SECCOMP_FILTER

[Markos Chandras]

Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
---
 arch/mips/Kconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig
index f4c78c9..f1fac99 100644
--- a/arch/mips/Kconfig
+++ b/arch/mips/Kconfig
@@ -9,6 +9,7 @@ config MIPS
 	select HAVE_PERF_EVENTS
 	select PERF_USE_VMALLOC
 	select HAVE_ARCH_KGDB
+	select HAVE_ARCH_SECCOMP_FILTER
 	select HAVE_ARCH_TRACEHOOK
 	select ARCH_HAVE_CUSTOM_GPIO_H
 	select HAVE_FUNCTION_TRACER
-- 
1.8.5.3

Re: [PATCH 0/8] Improved seccomp-bpf support for MIPS

[Paul Gortmaker]

On Wed, Jan 22, 2014 at 9:39 AM, Markos Chandras
<markos.chandras@imgtec.com> wrote:
> Hi,
>
> This patch improves the existing seccomp-bpf support for MIPS.
> It fixes a bug when copying system call arguments for the filter
> checks and it also moves away from strict filtering to actually
> use the filter supplied by the userspace process.

Hi all,

It seems this causes a build fail on linux-next allmodconfig.  I left
a mindless "git bisect run .." go against it and it came up with:
----------------------------
make[2]: *** [samples/seccomp/bpf-direct.o] Error 1
make[1]: *** [samples/seccomp] Error 2
make[1]: *** Waiting for unfinished jobs....
make: *** [vmlinux] Error 2
5c5df77172430c6377ec3434ce62f2b14a6799fc is the first bad commit
commit 5c5df77172430c6377ec3434ce62f2b14a6799fc
Author: Markos Chandras <markos.chandras@imgtec.com>
Date:   Wed Jan 22 14:40:04 2014 +0000

    MIPS: Select HAVE_ARCH_SECCOMP_FILTER

    Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
    Reviewed-by: James Hogan <james.hogan@imgtec.com>
    Reviewed-by: Paul Burton <paul.burton@imgtec.com>
    Cc: linux-mips@linux-mips.org
    Patchwork: https://patchwork.linux-mips.org/patch/6401/
    Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
---------------------

The original linux-next fail is at:

http://kisskb.ellerman.id.au/kisskb/buildresult/10601740/

Paul.
--

>
> This patchset has been tested with libseccomp
> (MIPS support not upstream yet) on mips, mipsel and mips64
> and with Chromium test suite (MIPS support not upstream yet)
> on mipsel.
>
> This patchset is based on the upstream-sfr/mips-for-linux-next tree.
>
> Markos Chandras (8):
>   MIPS: asm: syscall: Fix copying system call arguments
>   MIPS: asm: syscall: Add the syscall_rollback function
>   MIPS: asm: syscall: Define syscall_get_arch
>   MIPS: asm: thread_info: Add _TIF_SECCOMP flag
>   MIPS: ptrace: Move away from secure_computing_strict
>   MIPS: kernel: scalls: Skip the syscall if denied by the seccomp filter
>   MIPS: seccomp: Handle indirect system calls (o32)
>   MIPS: Select HAVE_ARCH_SECCOMP_FILTER
>
>  arch/mips/Kconfig                   |  1 +
>  arch/mips/include/asm/ptrace.h      |  2 +-
>  arch/mips/include/asm/syscall.h     | 35 ++++++++++++++++++++++++++++++-----
>  arch/mips/include/asm/thread_info.h |  3 ++-
>  arch/mips/kernel/ptrace.c           | 11 ++++++-----
>  arch/mips/kernel/scall32-o32.S      | 15 +++++++++++++--
>  arch/mips/kernel/scall64-64.S       |  5 ++++-
>  arch/mips/kernel/scall64-n32.S      |  5 ++++-
>  arch/mips/kernel/scall64-o32.S      | 17 +++++++++++++++--
>  9 files changed, 76 insertions(+), 18 deletions(-)
>
> --
> 1.8.5.3
>
>
>--

Re: [PATCH 0/8] Improved seccomp-bpf support for MIPS

[Markos Chandras]

On 02/12/2014 12:58 AM, Paul Gortmaker wrote:
> On Wed, Jan 22, 2014 at 9:39 AM, Markos Chandras
> <markos.chandras@imgtec.com> wrote:
>> Hi,
>>
>> This patch improves the existing seccomp-bpf support for MIPS.
>> It fixes a bug when copying system call arguments for the filter
>> checks and it also moves away from strict filtering to actually
>> use the filter supplied by the userspace process.
>
> Hi all,
>
> It seems this causes a build fail on linux-next allmodconfig.  I left
> a mindless "git bisect run .." go against it and it came up with:
> ----------------------------
> make[2]: *** [samples/seccomp/bpf-direct.o] Error 1
> make[1]: *** [samples/seccomp] Error 2
> make[1]: *** Waiting for unfinished jobs....
> make: *** [vmlinux] Error 2
> 5c5df77172430c6377ec3434ce62f2b14a6799fc is the first bad commit
> commit 5c5df77172430c6377ec3434ce62f2b14a6799fc
> Author: Markos Chandras <markos.chandras@imgtec.com>
> Date:   Wed Jan 22 14:40:04 2014 +0000
>
>      MIPS: Select HAVE_ARCH_SECCOMP_FILTER
>
>      Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
>      Reviewed-by: James Hogan <james.hogan@imgtec.com>
>      Reviewed-by: Paul Burton <paul.burton@imgtec.com>
>      Cc: linux-mips@linux-mips.org
>      Patchwork: https://patchwork.linux-mips.org/patch/6401/
>      Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
> ---------------------
>
> The original linux-next fail is at:
>
> http://kisskb.ellerman.id.au/kisskb/buildresult/10601740/
>
> Paul.

Hi Paul,

I don't think this is caused by my patch. My patch just exposed it. To 
my understanding, the samples/seccomp are not meant to be 
cross-compiled. The tests use the host toolchain. However, when 
cross-compiling for MIPS, for example, __NR_write is only defined if

1) _MIPS_SIM == _MIPS_SIM_ABI64
2) _MIPS_SIM == _MIPS_SIM_ABI32
3) _MIPS_SIM == _MIPS_SIM_NABI32

which clearly makes no sense for the x86_64 toolchain. I would propose a 
fix like this in order to prevent test from being cross-compiled.

diff --git a/samples/seccomp/Makefile b/samples/seccomp/Makefile
index 7203e66..f3a018e 100644
--- a/samples/seccomp/Makefile
+++ b/samples/seccomp/Makefile
@@ -17,9 +17,9 @@ HOSTCFLAGS_bpf-direct.o += -I$(objtree)/usr/include
  HOSTCFLAGS_bpf-direct.o += -idirafter $(objtree)/include
  bpf-direct-objs := bpf-direct.o

+ifndef CROSS_COMPILE
  # Try to match the kernel target.
  ifndef CONFIG_64BIT
-ifndef CROSS_COMPILE

  # s390 has -m31 flag to build 31 bit binaries
  ifndef CONFIG_S390
@@ -36,7 +36,7 @@ HOSTLOADLIBES_bpf-direct += $(MFLAG)
  HOSTLOADLIBES_bpf-fancy += $(MFLAG)
  HOSTLOADLIBES_dropper += $(MFLAG)
  endif
-endif

  # Tell kbuild to always build the programs
  always := $(hostprogs-y)
+endif


-- 
markos

Re: [PATCH 0/8] Improved seccomp-bpf support for MIPS

[Paul Gortmaker]

On 14-02-12 04:39 AM, Markos Chandras wrote:
> On 02/12/2014 12:58 AM, Paul Gortmaker wrote:
>> On Wed, Jan 22, 2014 at 9:39 AM, Markos Chandras
>> <markos.chandras@imgtec.com> wrote:
>>> Hi,
>>>
>>> This patch improves the existing seccomp-bpf support for MIPS.
>>> It fixes a bug when copying system call arguments for the filter
>>> checks and it also moves away from strict filtering to actually
>>> use the filter supplied by the userspace process.
>>
>> Hi all,
>>
>> It seems this causes a build fail on linux-next allmodconfig.  I left
>> a mindless "git bisect run .." go against it and it came up with:
>> ----------------------------
>> make[2]: *** [samples/seccomp/bpf-direct.o] Error 1
>> make[1]: *** [samples/seccomp] Error 2
>> make[1]: *** Waiting for unfinished jobs....
>> make: *** [vmlinux] Error 2
>> 5c5df77172430c6377ec3434ce62f2b14a6799fc is the first bad commit
>> commit 5c5df77172430c6377ec3434ce62f2b14a6799fc
>> Author: Markos Chandras <markos.chandras@imgtec.com>
>> Date:   Wed Jan 22 14:40:04 2014 +0000
>>
>>      MIPS: Select HAVE_ARCH_SECCOMP_FILTER
>>
>>      Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
>>      Reviewed-by: James Hogan <james.hogan@imgtec.com>
>>      Reviewed-by: Paul Burton <paul.burton@imgtec.com>
>>      Cc: linux-mips@linux-mips.org
>>      Patchwork: https://patchwork.linux-mips.org/patch/6401/
>>      Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
>> ---------------------
>>
>> The original linux-next fail is at:
>>
>> http://kisskb.ellerman.id.au/kisskb/buildresult/10601740/
>>
>> Paul.
> 
> Hi Paul,
> 
> I don't think this is caused by my patch. My patch just exposed it. To

Ha, well that is one and the same thing for all intents and purposes.

Would you please formalize your patch below and put it in your
queue, in advance of the patch(es) that cause/trigger the breakage?

That way we won't be introducing a build bisection failure into the
permanent git history.

Thanks,
Paul.
--

> my understanding, the samples/seccomp are not meant to be 
> cross-compiled. The tests use the host toolchain. However, when 
> cross-compiling for MIPS, for example, __NR_write is only defined if
> 
> 1) _MIPS_SIM == _MIPS_SIM_ABI64
> 2) _MIPS_SIM == _MIPS_SIM_ABI32
> 3) _MIPS_SIM == _MIPS_SIM_NABI32
> 
> which clearly makes no sense for the x86_64 toolchain. I would propose a 
> fix like this in order to prevent test from being cross-compiled.
> 
> diff --git a/samples/seccomp/Makefile b/samples/seccomp/Makefile
> index 7203e66..f3a018e 100644
> --- a/samples/seccomp/Makefile
> +++ b/samples/seccomp/Makefile
> @@ -17,9 +17,9 @@ HOSTCFLAGS_bpf-direct.o += -I$(objtree)/usr/include
>   HOSTCFLAGS_bpf-direct.o += -idirafter $(objtree)/include
>   bpf-direct-objs := bpf-direct.o
> 
> +ifndef CROSS_COMPILE
>   # Try to match the kernel target.
>   ifndef CONFIG_64BIT
> -ifndef CROSS_COMPILE
> 
>   # s390 has -m31 flag to build 31 bit binaries
>   ifndef CONFIG_S390
> @@ -36,7 +36,7 @@ HOSTLOADLIBES_bpf-direct += $(MFLAG)
>   HOSTLOADLIBES_bpf-fancy += $(MFLAG)
>   HOSTLOADLIBES_dropper += $(MFLAG)
>   endif
> -endif
> 
>   # Tell kbuild to always build the programs
>   always := $(hostprogs-y)
> +endif
> 
>