* [PATCH v4 0/3] powerpc: Enable seccomp filter support
From: Bogdan Purcareata @ 2015-02-18 8:16 UTC
To: benh, paulus, linuxppc-dev, mpe
Cc: pmoore, linux-kernel, Bogdan Purcareata, strosake

Add the missing pieces in order to enable SECCOMP_FILTER on PowerPC
architectures, and enable this support.

Testing has been pursued using libseccomp with the latest ppc support patches
[1][2], on Freescale platforms for both ppc and ppc64. Support on ppc64le has
also been tested, courtesy of Mike Strosaker.

[1] https://groups.google.com/forum/#!topic/libseccomp/oz42LfMDsxg
[2] https://groups.google.com/forum/#!topic/libseccomp/TQWfCt_nD7c

v4:
- rebased on top of 3.19

v3:
- keep setting ENOSYS in syscall entry assembly when syscall tracing is disabled

v2:
- move setting ENOSYS from syscall entry assembly to do_syscall_trace_enter

Bogdan Purcareata (3):
  powerpc: Don't force ENOSYS as error on syscall fail
  powerpc: Relax secure computing on syscall entry trace
  powerpc: Enable HAVE_ARCH_SECCOMP_FILTER

 arch/powerpc/Kconfig           | 1 +
 arch/powerpc/kernel/entry_32.S | 7 ++++++-
 arch/powerpc/kernel/entry_64.S | 5 +++--
 arch/powerpc/kernel/ptrace.c   | 8 ++++++--
 4 files changed, 16 insertions(+), 5 deletions(-)

--
2.1.4

* [PATCH v4 1/3] powerpc: Don't force ENOSYS as error on syscall fail 2015-02-18 8:16 [PATCH v4 0/3] powerpc: Enable seccomp filter support Bogdan Purcareata @ 2015-02-18 8:16 ` Bogdan Purcareata 2015-02-18 8:16 ` [PATCH v4 2/3] powerpc: Relax secure computing on syscall entry trace Bogdan Purcareata ` (2 subsequent siblings) 3 siblings, 0 replies; 9+ messages in thread From: Bogdan Purcareata @ 2015-02-18 8:16 UTC (permalink / raw) To: benh, paulus, linuxppc-dev, mpe Cc: pmoore, linux-kernel, Bogdan Purcareata, strosake In certain scenarios - e.g. seccomp filtering with ERRNO as default action - the system call fails for other reasons than the syscall not being available. The seccomp filter can be configured to store a user-defined error code on return from a blacklisted syscall. Don't always set ENOSYS on do_syscall_trace_enter failure. Delegate setting ENOSYS in case of failure, where appropriate, to do_syscall_trace_enter. v4: - update syscall_exit to be local label on 64bit, after rebasing on top of 3.19 v3: - keep setting ENOSYS in the syscall entry assembly for scenarios without syscall tracing v2: - move setting ENOSYS as errno from the syscall entry assembly to do_syscall_trace_enter, only in the specific case Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com> --- arch/powerpc/kernel/entry_32.S | 7 ++++++- arch/powerpc/kernel/entry_64.S | 5 +++-- arch/powerpc/kernel/ptrace.c | 4 +++- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S index 46fc0f4..b2f88cd 100644 --- a/arch/powerpc/kernel/entry_32.S +++ b/arch/powerpc/kernel/entry_32.S 
@@ -333,12 +333,12 @@ _GLOBAL(DoSyscall) lwz r11,TI_FLAGS(r10) andi. r11,r11,_TIF_SYSCALL_DOTRACE bne- syscall_dotrace -syscall_dotrace_cont: cmplwi 0,r0,NR_syscalls lis r10,sys_call_table@h ori r10,r10,sys_call_table@l slwi r0,r0,2 bge- 66f +syscall_dotrace_cont: lwzx r10,r10,r0 /* Fetch system call handler [ptr] */ mtlr r10 addi r9,r1,STACK_FRAME_OVERHEAD @@ -457,6 +457,11 @@ syscall_dotrace: lwz r7,GPR7(r1) lwz r8,GPR8(r1) REST_NVGPRS(r1) + cmplwi 0,r0,NR_syscalls + lis r10,sys_call_table@h + ori r10,r10,sys_call_table@l + slwi r0,r0,2 + bge- ret_from_syscall b syscall_dotrace_cont syscall_exit_work: diff --git a/arch/powerpc/kernel/entry_64.S b/arch/powerpc/kernel/entry_64.S index d180caf2..5e7434e 100644 --- a/arch/powerpc/kernel/entry_64.S +++ b/arch/powerpc/kernel/entry_64.S @@ -144,7 +144,6 @@ END_FW_FTR_SECTION_IFSET(FW_FEATURE_SPLPAR) ld r10,TI_FLAGS(r11) andi. r11,r10,_TIF_SYSCALL_DOTRACE bne syscall_dotrace -.Lsyscall_dotrace_cont: cmpldi 0,r0,NR_syscalls bge- syscall_enosys @@ -253,7 +252,9 @@ syscall_dotrace: addi r9,r1,STACK_FRAME_OVERHEAD CURRENT_THREAD_INFO(r10, r1) ld r10,TI_FLAGS(r10) - b .Lsyscall_dotrace_cont + cmpldi 0,r0,NR_syscalls + bge- .Lsyscall_exit + b system_call syscall_enosys: li r3,-ENOSYS diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c index f21897b..2edae06 100644 --- a/arch/powerpc/kernel/ptrace.c +++ b/arch/powerpc/kernel/ptrace.c 
@@ -1775,13 +1775,15 @@ long do_syscall_trace_enter(struct pt_regs *regs) secure_computing_strict(regs->gpr[0]); if (test_thread_flag(TIF_SYSCALL_TRACE) && - tracehook_report_syscall_entry(regs)) + tracehook_report_syscall_entry(regs)) { /* * Tracing decided this syscall should not happen. * We'll return a bogus call number to get an ENOSYS * error, but leave the original number in regs->gpr[0]. */ ret = -1L; + syscall_set_return_value(current, regs, ENOSYS, 0); + } if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) trace_sys_enter(regs, regs->gpr[0]); -- 2.1.4 ^ permalink raw reply related [flat|nested] 9+ messages in thread
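Review bot: In the syscall_dotrace hunks of entry_64.S (bge- .Lsyscall_exit) and entry_32.S (bge- ret_from_syscall), an out-of-range syscall number after tracing no longer takes the syscall_enosys / 66f branch that the untraced path uses, yet the ptrace.c hunk stores ENOSYS only when tracehook_report_syscall_entry() rejects the call. A task with any _TIF_SYSCALL_DOTRACE flag set that simply issues an invalid syscall number appears to reach the exit path with no error stored; either set the error for that case in do_syscall_trace_enter() or keep the branch to syscall_enosys when the return value is not the -1 rejection marker.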
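Review bot: The second entry_32.S hunk duplicates the cmplwi/lis/ori/slwi sequence inside syscall_dotrace so that syscall_dotrace_cont can move below bge- 66f, which leaves the bounds check and the sys_call_table setup in two places that must stay in sync. Add a comment at both sites saying so, or wrap the four instructions in a macro.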
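Review bot: In the ptrace.c hunk, syscall_set_return_value() is passed a positive ENOSYS, while the entry_64.S context in this same patch loads the error as a negative value (li r3,-ENOSYS); please confirm which sign the powerpc helper expects and note it at the call site, since a wrong sign would give a traced task a different result than the untraced path. The block comment above ret = -1L is also stale after this change: it still says the bogus call number is what produces ENOSYS, but the error is now stored explicitly and the -1 only makes the assembly skip the call.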
* [PATCH v4 2/3] powerpc: Relax secure computing on syscall entry trace 2015-02-18 8:16 [PATCH v4 0/3] powerpc: Enable seccomp filter support Bogdan Purcareata 2015-02-18 8:16 ` [PATCH v4 1/3] powerpc: Don't force ENOSYS as error on syscall fail Bogdan Purcareata @ 2015-02-18 8:16 ` Bogdan Purcareata 2015-02-18 8:16 ` [PATCH v4 3/3] powerpc: Enable HAVE_ARCH_SECCOMP_FILTER Bogdan Purcareata 2015-02-27 7:28 ` [PATCH v4 0/3] powerpc: Enable seccomp filter support Purcareata Bogdan 3 siblings, 0 replies; 9+ messages in thread From: Bogdan Purcareata @ 2015-02-18 8:16 UTC (permalink / raw) To: benh, paulus, linuxppc-dev, mpe Cc: pmoore, linux-kernel, Bogdan Purcareata, strosake The secure_computing_strict will just force the kernel to panic on secure_computing failure. Once SECCOMP_FILTER support is enabled in the kernel, syscalls can be denied without system failure. v4: - rebase on top of 3.19 v3,v2: no changes Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com> --- arch/powerpc/kernel/ptrace.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c index 2edae06..cb9fd33 100644 --- a/arch/powerpc/kernel/ptrace.c +++ b/arch/powerpc/kernel/ptrace.c @@ -1772,7 +1772,9 @@ long do_syscall_trace_enter(struct pt_regs *regs) user_exit(); - secure_computing_strict(regs->gpr[0]); + /* Do the secure computing check first; failures should be fast. */ + if (secure_computing() == -1) + return -1L; if (test_thread_flag(TIF_SYSCALL_TRACE) && tracehook_report_syscall_entry(regs)) { -- 2.1.4 ^ permalink raw reply related [flat|nested] 9+ messages in thread
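Review bot: The early return -1L added to do_syscall_trace_enter() relies on the entry assembly from 1/3 treating -1 as an out-of-range number and branching to the exit path with the filter's return value left in place, and neither the new comment ("failures should be fast") nor the commit message states that dependency; please document it next to the return. It is also worth saying in the changelog that a refused syscall now returns before the TIF_SYSCALL_TRACE check that follows in this hunk, so the tracehook entry report is skipped for calls the filter denies.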
* [PATCH v4 3/3] powerpc: Enable HAVE_ARCH_SECCOMP_FILTER 2015-02-18 8:16 [PATCH v4 0/3] powerpc: Enable seccomp filter support Bogdan Purcareata 2015-02-18 8:16 ` [PATCH v4 1/3] powerpc: Don't force ENOSYS as error on syscall fail Bogdan Purcareata 2015-02-18 8:16 ` [PATCH v4 2/3] powerpc: Relax secure computing on syscall entry trace Bogdan Purcareata @ 2015-02-18 8:16 ` Bogdan Purcareata 2015-02-27 7:28 ` [PATCH v4 0/3] powerpc: Enable seccomp filter support Purcareata Bogdan 3 siblings, 0 replies; 9+ messages in thread From: Bogdan Purcareata @ 2015-02-18 8:16 UTC (permalink / raw) To: benh, paulus, linuxppc-dev, mpe Cc: pmoore, linux-kernel, Bogdan Purcareata, strosake Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com> --- arch/powerpc/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 22b0940..2588b57 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -104,6 +104,7 @@ config PPC select HAVE_EFFICIENT_UNALIGNED_ACCESS if !CPU_LITTLE_ENDIAN select HAVE_KPROBES select HAVE_ARCH_KGDB + select HAVE_ARCH_SECCOMP_FILTER select HAVE_KRETPROBES select HAVE_ARCH_TRACEHOOK select HAVE_MEMBLOCK -- 2.1.4 ^ permalink raw reply related [flat|nested] 9+ messages in thread
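Review bot: This patch has no changelog body, and the select HAVE_ARCH_SECCOMP_FILTER line is unconditional for every PPC configuration (compare the neighbouring select HAVE_EFFICIENT_UNALIGNED_ACCESS if !CPU_LITTLE_ENDIAN). Please list in the commit message what the option requires of the architecture and which of 1/3 and 2/3 supplies each piece, and state the configurations it was validated on (the cover letter mentions ppc and ppc64 on Freescale platforms, plus ppc64le).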
* Re: [PATCH v4 0/3] powerpc: Enable seccomp filter support
From: Purcareata Bogdan @ 2015-02-27 7:28 UTC
To: Bogdan Purcareata, benh, paulus, linuxppc-dev, mpe
Cc: pmoore, linux-kernel, strosake

Ping?

On 18.02.2015 10:16, Bogdan Purcareata wrote:
> Add the missing pieces in order to enable SECCOMP_FILTER on PowerPC
> architectures, and enable this support.
>
> Testing has been pursued using libseccomp with the latest ppc support patches
> [1][2], on Freescale platforms for both ppc and ppc64. Support on ppc64le has
> also been tested, courtesy of Mike Strosaker.
>
> [1] https://groups.google.com/forum/#!topic/libseccomp/oz42LfMDsxg
> [2] https://groups.google.com/forum/#!topic/libseccomp/TQWfCt_nD7c
>
> v4:
> - rebased on top of 3.19
>
> v3:
> - keep setting ENOSYS in syscall entry assembly when syscall tracing is disabled
>
> v2:
> - move setting ENOSYS from syscall entry assembly to do_syscall_trace_enter
>
> Bogdan Purcareata (3):
>    powerpc: Don't force ENOSYS as error on syscall fail
>    powerpc: Relax secure computing on syscall entry trace
>    powerpc: Enable HAVE_ARCH_SECCOMP_FILTER
>
>   arch/powerpc/Kconfig           | 1 +
>   arch/powerpc/kernel/entry_32.S | 7 ++++++-
>   arch/powerpc/kernel/entry_64.S | 5 +++--
>   arch/powerpc/kernel/ptrace.c   | 8 ++++++--
>   4 files changed, 16 insertions(+), 5 deletions(-)
>

* Re: [PATCH v4 0/3] powerpc: Enable seccomp filter support
From: Benjamin Herrenschmidt @ 2015-02-27 20:54 UTC
To: Purcareata Bogdan
Cc: linux-kernel, pmoore, paulus, Bogdan Purcareata, linuxppc-dev, strosake

On Fri, 2015-02-27 at 09:28 +0200, Purcareata Bogdan wrote:
> Ping?

What is the ping for ?

Ben.

> On 18.02.2015 10:16, Bogdan Purcareata wrote:
> > Add the missing pieces in order to enable SECCOMP_FILTER on PowerPC
> > architectures, and enable this support.
> >
> > Testing has been pursued using libseccomp with the latest ppc support patches
> > [1][2], on Freescale platforms for both ppc and ppc64. Support on ppc64le has
> > also been tested, courtesy of Mike Strosaker.
> >
> > [1] https://groups.google.com/forum/#!topic/libseccomp/oz42LfMDsxg
> > [2] https://groups.google.com/forum/#!topic/libseccomp/TQWfCt_nD7c
> >
> > v4:
> > - rebased on top of 3.19
> >
> > v3:
> > - keep setting ENOSYS in syscall entry assembly when syscall tracing is disabled
> >
> > v2:
> > - move setting ENOSYS from syscall entry assembly to do_syscall_trace_enter
> >
> > Bogdan Purcareata (3):
> >    powerpc: Don't force ENOSYS as error on syscall fail
> >    powerpc: Relax secure computing on syscall entry trace
> >    powerpc: Enable HAVE_ARCH_SECCOMP_FILTER
> >
> >   arch/powerpc/Kconfig           | 1 +
> >   arch/powerpc/kernel/entry_32.S | 7 ++++++-
> >   arch/powerpc/kernel/entry_64.S | 5 +++--
> >   arch/powerpc/kernel/ptrace.c   | 8 ++++++--
> >   4 files changed, 16 insertions(+), 5 deletions(-)
> >

* Re: [PATCH v4 0/3] powerpc: Enable seccomp filter support
From: Purcareata Bogdan @ 2015-03-09 8:26 UTC
To: Benjamin Herrenschmidt
Cc: linux-kernel, pmoore, paulus, Bogdan Purcareata, linuxppc-dev, strosake

On 27.02.2015 22:54, Benjamin Herrenschmidt wrote:
> On Fri, 2015-02-27 at 09:28 +0200, Purcareata Bogdan wrote:
>> Ping?
>
> What is the ping for ?
>
> Ben.

Making sure the patches are not lost on the mailing lists :) Didn't
receive any feedback on v4 and just wanted to check if there's anything
more I can do.

Thank you,
Bogdan P.

>> On 18.02.2015 10:16, Bogdan Purcareata wrote:
>>> Add the missing pieces in order to enable SECCOMP_FILTER on PowerPC
>>> architectures, and enable this support.
>>>
>>> Testing has been pursued using libseccomp with the latest ppc support patches
>>> [1][2], on Freescale platforms for both ppc and ppc64. Support on ppc64le has
>>> also been tested, courtesy of Mike Strosaker.
>>>
>>> [1] https://groups.google.com/forum/#!topic/libseccomp/oz42LfMDsxg
>>> [2] https://groups.google.com/forum/#!topic/libseccomp/TQWfCt_nD7c
>>>
>>> v4:
>>> - rebased on top of 3.19
>>>
>>> v3:
>>> - keep setting ENOSYS in syscall entry assembly when syscall tracing is disabled
>>>
>>> v2:
>>> - move setting ENOSYS from syscall entry assembly to do_syscall_trace_enter
>>>
>>> Bogdan Purcareata (3):
>>>     powerpc: Don't force ENOSYS as error on syscall fail
>>>     powerpc: Relax secure computing on syscall entry trace
>>>     powerpc: Enable HAVE_ARCH_SECCOMP_FILTER
>>>
>>>    arch/powerpc/Kconfig           | 1 +
>>>    arch/powerpc/kernel/entry_32.S | 7 ++++++-
>>>    arch/powerpc/kernel/entry_64.S | 5 +++--
>>>    arch/powerpc/kernel/ptrace.c   | 8 ++++++--
>>>    4 files changed, 16 insertions(+), 5 deletions(-)
>>>
>
>

* Re: [PATCH v4 0/3] powerpc: Enable seccomp filter support
From: Purcareata Bogdan @ 2015-03-23 11:44 UTC
To: Benjamin Herrenschmidt, Michael Ellerman
Cc: linux-kernel, pmoore, paulus, Bogdan Purcareata, Scott Wood, linuxppc-dev, strosake

On 27.02.2015 22:54, Benjamin Herrenschmidt wrote:
> On Fri, 2015-02-27 at 09:28 +0200, Purcareata Bogdan wrote:
>> Ping?
>
> What is the ping for ?
>
> Ben.

Hello Ben,

I just wanted to check with you what's the current status of these
patches. I noticed in patchwork [1][2][3] that the patches are marked as
non-applicable.

As of today, I cloned Michael Ellerman's tree [4], applied the patches
on the master branch, compiled and tested. Tests pass both with the
libseccomp regression suite and my LXC tests.

Is there a specific tree I should send them against, or on another
mailing list? Is there any other reason the patches are not applicable?

[1] https://patchwork.ozlabs.org/patch/440827/
[2] https://patchwork.ozlabs.org/patch/440828/
[3] https://patchwork.ozlabs.org/patch/440829/
[4] git://git.kernel.org/pub/scm/linux/kernel/git/mpe/linux.git

Thank you,
Bogdan P.

>> On 18.02.2015 10:16, Bogdan Purcareata wrote:
>>> Add the missing pieces in order to enable SECCOMP_FILTER on PowerPC
>>> architectures, and enable this support.
>>>
>>> Testing has been pursued using libseccomp with the latest ppc support patches
>>> [1][2], on Freescale platforms for both ppc and ppc64. Support on ppc64le has
>>> also been tested, courtesy of Mike Strosaker.
>>>
>>> [1] https://groups.google.com/forum/#!topic/libseccomp/oz42LfMDsxg
>>> [2] https://groups.google.com/forum/#!topic/libseccomp/TQWfCt_nD7c
>>>
>>> v4:
>>> - rebased on top of 3.19
>>>
>>> v3:
>>> - keep setting ENOSYS in syscall entry assembly when syscall tracing is disabled
>>>
>>> v2:
>>> - move setting ENOSYS from syscall entry assembly to do_syscall_trace_enter
>>>
>>> Bogdan Purcareata (3):
>>>     powerpc: Don't force ENOSYS as error on syscall fail
>>>     powerpc: Relax secure computing on syscall entry trace
>>>     powerpc: Enable HAVE_ARCH_SECCOMP_FILTER
>>>
>>>    arch/powerpc/Kconfig           | 1 +
>>>    arch/powerpc/kernel/entry_32.S | 7 ++++++-
>>>    arch/powerpc/kernel/entry_64.S | 5 +++--
>>>    arch/powerpc/kernel/ptrace.c   | 8 ++++++--
>>>    4 files changed, 16 insertions(+), 5 deletions(-)
>>>
>
>

* Re: [PATCH v4 0/3] powerpc: Enable seccomp filter support
From: Michael Ellerman @ 2015-03-25 9:31 UTC
To: Purcareata Bogdan
Cc: linux-kernel, pmoore, paulus, Bogdan Purcareata, Scott Wood, linuxppc-dev, strosake

On Mon, 2015-03-23 at 13:44 +0200, Purcareata Bogdan wrote:
> On 27.02.2015 22:54, Benjamin Herrenschmidt wrote:
> > On Fri, 2015-02-27 at 09:28 +0200, Purcareata Bogdan wrote:
> >> Ping?
> >
> > What is the ping for ?
> >
> > Ben.
>
> Hello Ben,
>
> I just wanted to check with you what's the current status of these
> patches. I noticed in patchwork [1][2][3] that the patches are marked as
> non-applicable.
>
> As of today, I cloned Michael Ellerman's tree [4], applied the patches
> on the master branch, compiled and tested. Tests pass both with the
> libseccomp regression suite and my LXC tests.
>
> Is there a specific tree I should send them against, or on another
> mailing list? Is there any other reason the patches are not applicable?

I just haven't had time to review them properly. Because you're touching the
syscall path for all powerpc platforms it needs more scrutiny than the average
patch.

It should still make 4.1, probably :)

cheers

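Added example, not part of the posted series: a user-space check of the behaviour the 1/3 and 2/3 commit messages describe, namely that a filter answering with SECCOMP_RET_ERRNO denies the call with its own error code rather than ENOSYS, and the task keeps running. The function name, the choice of getppid as the denied syscall and the error codes passed in are assumptions of this example.

```c
/* Added example, not from the patch series. Assumes a Linux kernel with
 * CONFIG_SECCOMP_FILTER; names and the denied syscall are illustrative. */
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Fork a child, install a filter there that answers getppid() with
 * SECCOMP_RET_ERRNO | filter_errno, and report the errno the child saw.
 * Returns -1 if the filter could not be installed or the child died,
 * 0 if the call unexpectedly succeeded. filter_errno must be 1..254.
 */
int errno_seen_for_denied_syscall(int filter_errno)
{
    struct sock_filter prog[] = {
        /* A = seccomp_data.nr. A production filter validates
         * seccomp_data.arch first; omitted here to stay arch-neutral. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        /* nr == getppid ? next instruction : skip one */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_getppid, 0, 1),
        BPF_STMT(BPF_RET | BPF_K,
                 SECCOMP_RET_ERRNO | (filter_errno & SECCOMP_RET_DATA)),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog fprog = {
        .len = sizeof(prog) / sizeof(prog[0]),
        .filter = prog,
    };
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Unprivileged tasks must set no_new_privs before filtering. */
        if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
            prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog))
            _exit(255);
        errno = 0;
        /* Denied by the filter: the syscall handler never runs. */
        _exit(syscall(SYS_getppid) == -1 ? errno : 0);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status) ||
        WEXITSTATUS(status) == 255)
        return -1;
    return WEXITSTATUS(status);
}
```

On a kernel whose entry path overwrites the filter's value, the function would return ENOSYS instead of the code passed in.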