Commit da94a40f authored by Max Filippov's avatar Max Filippov
Browse files

xtensa: add seccomp support 



Add SECCOMP to xtensa Kconfig, select HAVE_ARCH_SECCOMP_FILTER, add
TIF_SECCOMP and call secure_computing from do_syscall_trace_enter.

Signed-off-by: default avatarMax Filippov <jcmvbkbc@gmail.com>
parent 8b7a87a0

Documentation/features/seccomp/seccomp-filter/arch-support.txt

+1 −1
Original line number Diff line number Diff line
@@ -30,5 +30,5 @@ 
    |          um: |  ok  |

    |   unicore32: | TODO |

    |         x86: |  ok  |

    |      xtensa: | TODO |

    |      xtensa: |  ok  |

    -----------------------

arch/xtensa/Kconfig

+15 −0
Original line number Diff line number Diff line
@@ -24,6 +24,7 @@ config XTENSA 
	select HAVE_ARCH_AUDITSYSCALL

	select HAVE_ARCH_JUMP_LABEL if !XIP_KERNEL

	select HAVE_ARCH_KASAN if MMU && !XIP_KERNEL

	select HAVE_ARCH_SECCOMP_FILTER

	select HAVE_ARCH_TRACEHOOK

	select HAVE_COPY_THREAD_TLS

	select HAVE_DEBUG_KMEMLEAK
@@ -217,6 +218,20 @@ config HOTPLUG_CPU 


	  Say N if you want to disable CPU hotplug.



config SECCOMP

	bool

	prompt "Enable seccomp to safely compute untrusted bytecode"

	help

	  This kernel feature is useful for number crunching applications

	  that may need to compute untrusted bytecode during their

	  execution. By using pipes or other transports made available to

	  the process as file descriptors supporting the read/write

	  syscalls, it's possible to isolate those applications in

	  their own address space using seccomp. Once seccomp is

	  enabled via prctl(PR_SET_SECCOMP), it cannot be disabled

	  and the task is only allowed to execute a few safe syscalls

	  defined by each seccomp mode.



config FAST_SYSCALL_XTENSA

	bool "Enable fast atomic syscalls"

	default n

arch/xtensa/include/asm/Kbuild

+1 −0
Original line number Diff line number Diff line
@@ -7,4 +7,5 @@ generic-y += mcs_spinlock.h 
generic-y += param.h

generic-y += qrwlock.h

generic-y += qspinlock.h

generic-y += seccomp.h

generic-y += user.h

arch/xtensa/include/asm/thread_info.h

+4 −1
Original line number Diff line number Diff line
@@ -112,6 +112,7 @@ static inline struct thread_info *current_thread_info(void) 
#define TIF_NOTIFY_RESUME	7	/* callback before returning to user */

#define TIF_DB_DISABLED		8	/* debug trap disabled for syscall */

#define TIF_SYSCALL_AUDIT	9	/* syscall auditing active */

#define TIF_SECCOMP		10	/* secure computing */



#define _TIF_SYSCALL_TRACE	(1<<TIF_SYSCALL_TRACE)

#define _TIF_SIGPENDING		(1<<TIF_SIGPENDING)
@@ -119,9 +120,11 @@ static inline struct thread_info *current_thread_info(void) 
#define _TIF_SINGLESTEP		(1<<TIF_SINGLESTEP)

#define _TIF_SYSCALL_TRACEPOINT	(1<<TIF_SYSCALL_TRACEPOINT)

#define _TIF_SYSCALL_AUDIT	(1<<TIF_SYSCALL_AUDIT)

#define _TIF_SECCOMP		(1<<TIF_SECCOMP)



#define _TIF_WORK_MASK		(_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP | \

				 _TIF_SYSCALL_TRACEPOINT | _TIF_SYSCALL_AUDIT)

				 _TIF_SYSCALL_TRACEPOINT | \

				 _TIF_SYSCALL_AUDIT | _TIF_SECCOMP)



#define THREAD_SIZE KERNEL_STACK_SIZE

#define THREAD_SIZE_ORDER (KERNEL_STACK_SHIFT - PAGE_SHIFT)

arch/xtensa/kernel/ptrace.c

+3 −1
Original line number Diff line number Diff line
@@ -22,6 +22,7 @@ 
#include <linux/regset.h>

#include <linux/sched.h>

#include <linux/sched/task_stack.h>

#include <linux/seccomp.h>

#include <linux/security.h>

#include <linux/signal.h>

#include <linux/smp.h>
@@ -559,7 +560,8 @@ int do_syscall_trace_enter(struct pt_regs *regs) 
		return 0;

	}



	if (regs->syscall == NO_SYSCALL) {

	if (regs->syscall == NO_SYSCALL ||

	    secure_computing() == -1) {

		do_syscall_trace_leave(regs);

		return 0;

	}