[Trusty,pull-request,v2] LP: #1379020 (seccomp tsync)

Message ID 20141020184939.GD5451@outflux.net
State New

Pull-request

https://github.com/kees/linux.git ubuntu-trusty

Message

Kees Cook Oct. 20, 2014, 6:49 p.m. UTC
Hi!

This is to backport the seccomp thread-sync (and syscall) interface from
3.17. There was some backporting needed in a few areas, as marked in
[]s before my SoB in the series. The most notable is skipping various
new syscalls (which are wired to sys_ni_syscall).

This has been tested against the seccomp regression test suite on
x86_64. I don't have a working Ubuntu ARM test environment, so that
is presently untested. The series is, however, based on the Chrome OS
backport to 3.14, which builds and works on ARM. In theory it should be
fine on Ubuntu too! :)

This v2 fixes the ARM syscall count. (Specifically in
arch/arm/include/asm/unistd.h from "ARM: add seccomp syscall")

Thanks!

-Kees

The following changes since commit 2d22fc7acd4f91209e5de492baceb84d8836e18c:

  UBUNTU: Ubuntu-3.13.0-38.65 (2014-10-09 10:32:10 +0100)

are available in the git repository at:

  https://github.com/kees/linux.git ubuntu-trusty

for you to fetch changes up to 665973e5b5459c9f0c8d9dd7934a4678713ac618:

  seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock (2014-10-20 11:38:55 -0700)

----------------------------------------------------------------
Guenter Roeck (1):
      seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock

Kees Cook (11):
      seccomp: create internal mode-setting function
      seccomp: extract check/assign mode helpers
      seccomp: split mode setting routines
      seccomp: add "seccomp" syscall 
      ARM: add seccomp syscall
      MIPS: add seccomp syscall
      sched: move no_new_privs into new atomic flags
      seccomp: split filter prep from check and apply
      seccomp: introduce writer locking
      seccomp: allow mode setting across threads
      seccomp: implement SECCOMP_FILTER_FLAG_TSYNC

Rashika Kheria (1):
      UPSTREAM: kernel: Mark function as static in kernel/seccomp.c

Will Deacon (1):
      ARM: 8087/1: ptrace: reload syscall number after secure_computing() check

 arch/Kconfig                        |   1 +
 arch/arm/include/asm/unistd.h       |   2 +-
 arch/arm/include/uapi/asm/unistd.h  |   4 +
 arch/arm/kernel/calls.S             |   4 +
 arch/arm/kernel/ptrace.c            |   7 +-
 arch/mips/include/uapi/asm/unistd.h |  24 ++-
 arch/mips/kernel/scall32-o32.S      |   4 +
 arch/mips/kernel/scall64-64.S       |   4 +
 arch/mips/kernel/scall64-n32.S      |   4 +
 arch/mips/kernel/scall64-o32.S      |   4 +
 arch/x86/syscalls/syscall_32.tbl    |   4 +
 arch/x86/syscalls/syscall_64.tbl    |   4 +
 debian.master/changelog             |  10 +-
 fs/exec.c                           |   6 +-
 include/linux/sched.h               |  18 +-
 include/linux/seccomp.h             |   8 +-
 include/linux/syscalls.h            |   2 +
 include/uapi/asm-generic/unistd.h   |  10 +-
 include/uapi/linux/seccomp.h        |   7 +
 kernel/fork.c                       |  49 ++++-
 kernel/seccomp.c                    | 412 +++++++++++++++++++++++++++++++-----
 kernel/sys.c                        |   4 +-
 kernel/sys_ni.c                     |   3 +
 security/apparmor/domain.c          |   4 +-
 24 files changed, 515 insertions(+), 84 deletions(-)


> 
> The following changes since commit 5a08fea5398ad558f2b2ee884ff93ddf6c34108a:
> 
>   UBUNTU: Ubuntu-3.13.0-37.64 (2014-09-22 15:51:48 -0400)
> 
> are available in the git repository at:
> 
>   git@github.com:kees/linux.git ubuntu-trusty
> 
> for you to fetch changes up to 0e61aac09d3c46fcddd3ee4dfa625d5e541ecea4:
> 
>   seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock (2014-10-08 13:57:11 -0700)
> 
> ----------------------------------------------------------------
> Guenter Roeck (1):
>       seccomp: Replace BUG(!spin_is_locked()) with assert_spin_lock
> 
> Kees Cook (11):
>       seccomp: create internal mode-setting function
>       seccomp: extract check/assign mode helpers
>       seccomp: split mode setting routines
>       seccomp: add "seccomp" syscall
>       ARM: add seccomp syscall
>       MIPS: add seccomp syscall
>       sched: move no_new_privs into new atomic flags
>       seccomp: split filter prep from check and apply
>       seccomp: introduce writer locking
>       seccomp: allow mode setting across threads
>       seccomp: implement SECCOMP_FILTER_FLAG_TSYNC
> 
> Rashika Kheria (1):
>       UPSTREAM: kernel: Mark function as static in kernel/seccomp.c
> 
> Will Deacon (1):
>       ARM: 8087/1: ptrace: reload syscall number after secure_computing() check
> 
>  arch/Kconfig                        |   1 +
>  arch/arm/include/uapi/asm/unistd.h  |   4 +
>  arch/arm/kernel/calls.S             |   4 +
>  arch/arm/kernel/ptrace.c            |   7 +-
>  arch/mips/include/uapi/asm/unistd.h |  24 +++-
>  arch/mips/kernel/scall32-o32.S      |   4 +
>  arch/mips/kernel/scall64-64.S       |   4 +
>  arch/mips/kernel/scall64-n32.S      |   4 +
>  arch/mips/kernel/scall64-o32.S      |   4 +
>  arch/x86/syscalls/syscall_32.tbl    |   4 +
>  arch/x86/syscalls/syscall_64.tbl    |   4 +
>  fs/exec.c                           |   6 +-
>  include/linux/sched.h               |  18 ++-
>  include/linux/seccomp.h             |   8 +-
>  include/linux/syscalls.h            |   2 +
>  include/uapi/asm-generic/unistd.h   |  10 +-
>  include/uapi/linux/seccomp.h        |   7 +
>  kernel/fork.c                       |  49 ++++++-
>  kernel/seccomp.c                    | 412 ++++++++++++++++++++++++++++++++++++++++++++++++--------
>  kernel/sys.c                        |   4 +-
>  kernel/sys_ni.c                     |   3 +
>  security/apparmor/domain.c          |   4 +-
>  22 files changed, 505 insertions(+), 82 deletions(-)
> 
> 
> -- 
> Kees Cook

Comments

Luis Henriques Oct. 21, 2014, 10:21 a.m. UTC | #1
On Mon, Oct 20, 2014 at 11:49:39AM -0700, Kees Cook wrote:
> Hi!
> 
> This is to backport the seccomp thread-sync (and syscall) interface from
> 3.17. There was some backporting needed in a few areas, as marked in
> []s before my SoB in the series. The most notable is skipping various
> new syscalls (which are wired to sys_ni_syscall).
> 
> This has been tested against the seccomp regression test suite on
> x86_64. I don't have a working Ubuntu ARM test environment, so that
> is presently untested. The series is, however, based on the Chrome OS
> backport to 3.14, which builds and works on ARM. In theory it should be
> fine on Ubuntu too! :)
> 
> This v2 fixes the ARM syscall count. (Specifically in
> arch/arm/include/asm/unistd.h from "ARM: add seccomp syscall")
> 

Thanks for fixing this, Kees.

I only see a minor issue now: commit 8b4abf496654 ("ARM: add seccomp
syscall") adds an entry to debian.master/changelog, which shouldn't
happen.

I'm also not sure we really care about commit e2357ea70fdd ("MIPS:
add seccomp syscall"), but since it is contained to the arch/mips/
directory, it's probably not an issue.

Cheers,
--
Luís

Kees Cook Oct. 21, 2014, 3:42 p.m. UTC | #2
On Tue, Oct 21, 2014 at 11:21:18AM +0100, Luis Henriques wrote:
> Thanks for fixing this, Kees.
> 
> I only see a minor issue now: commit 8b4abf496654 ("ARM: add seccomp
> syscall") adds an entry to debian.master/changelog, which shouldn't
> happen.

Argh. I will send a v3. Sorry!

> I'm also not sure we really care about commit e2357ea70fdd ("MIPS:
> add seccomp syscall"), but since it is contained to the arch/mips/
> directory, it's probably not an issue.

I've included it for completeness, and ease of comparing the backport to
the upstream series.

-Kees