Message ID | 20180409002239.163177-160-alexander.levin@microsoft.com |
---|---|
State | Not Applicable, archived |
Delegated to: | David Miller |
Headers | show |
Series | None | expand |
On Mon, Apr 09, 2018 at 12:24:58AM +0000, Sasha Levin wrote: > From: David Daney <david.daney@cavium.com> > > [ Upstream commit 669c4092225f0ed5df12ebee654581b558a5e3ed ] > > KProbes of __seccomp_filter() are not very useful without access to > the syscall arguments. > > Do what x86 does, and populate a struct seccomp_data to be passed to > __secure_computing(). This allows samples/bpf/tracex5 to extract a > sensible trace. This broke o32 indirect syscalls, and was fixed by commit 3d729deaf287 ("MIPS: seccomp: Fix indirect syscall args"). Cheers James
diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c index 0c8ae2cc6380..956dae7e6a69 100644 --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c @@ -1011,8 +1011,26 @@ asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall) tracehook_report_syscall_entry(regs)) return -1; - if (secure_computing(NULL) == -1) - return -1; +#ifdef CONFIG_SECCOMP + if (unlikely(test_thread_flag(TIF_SECCOMP))) { + int ret, i; + struct seccomp_data sd; + + sd.nr = syscall; + sd.arch = syscall_get_arch(); + for (i = 0; i < 6; i++) { + unsigned long v, r; + + r = mips_get_syscall_arg(&v, current, regs, i); + sd.args[i] = r ? 0 : v; + } + sd.instruction_pointer = KSTK_EIP(current); + + ret = __secure_computing(&sd); + if (ret == -1) + return ret; + } +#endif if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) trace_sys_enter(regs, regs->regs[2]);