Re: [PATCH v5 2/3] asm-generic: Add generic seccomp.h for secure computing mode 1

From: AKASHI Takahiro
Date: Fri Jul 25 2014 - 04:52:35 EST

Next message: JiÅÃ Prchal: "Re: [PATCH] ARM: at91: at91sam9x5: sets NPCS0 (PA14) back to GPIO"
Previous message: Alexandre Belloni: "Re: [PATCH] ARM: at91: at91sam9x5: sets NPCS0 (PA14) back to GPIO"
In reply to: Andy Lutomirski: "Re: [PATCH v5 2/3] asm-generic: Add generic seccomp.h for secure computing mode 1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/24/2014 11:57 PM, Andy Lutomirski wrote:

On Jul 23, 2014 10:17 PM, "AKASHI Takahiro" <takahiro.akashi@xxxxxxxxxx> wrote:

On 07/24/2014 01:41 PM, Kees Cook wrote:

On Wed, Jul 23, 2014 at 8:40 PM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:

On 07/22/2014 02:14 AM, AKASHI Takahiro wrote:

Those values (__NR_seccomp_*) are used solely in secure_computing()
to identify mode 1 system calls. If compat system calls have different
syscall numbers, asm/seccomp.h may override them.

Acked-by: Arnd Bergmann <arnd@xxxxxxxx>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@xxxxxxxxxx>
---
include/asm-generic/seccomp.h | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
create mode 100644 include/asm-generic/seccomp.h

diff --git a/include/asm-generic/seccomp.h b/include/asm-generic/seccomp.h
new file mode 100644
index 0000000..5e97022
--- /dev/null
+++ b/include/asm-generic/seccomp.h
@@ -0,0 +1,28 @@
+/*
+ * include/asm-generic/seccomp.h
+ *
+ * Copyright (C) 2014 Linaro Limited
+ * Author: AKASHI Takahiro <takahiro.akashi@xxxxxxxxxx>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+#ifndef _ASM_GENERIC_SECCOMP_H
+#define _ASM_GENERIC_SECCOMP_H
+
+#include <asm-generic/unistd.h>
+
+#if defined(CONFIG_COMPAT) && !defined(__NR_seccomp_read_32)
+#define __NR_seccomp_read_32 __NR_read
+#define __NR_seccomp_write_32 __NR_write
+#define __NR_seccomp_exit_32 __NR_exit
+#define __NR_seccomp_sigreturn_32 __NR_rt_sigreturn
+#endif /* CONFIG_COMPAT && ! already defined */
+
+#define __NR_seccomp_read __NR_read
+#define __NR_seccomp_write __NR_write
+#define __NR_seccomp_exit __NR_exit
+#define __NR_seccomp_sigreturn __NR_rt_sigreturn

I don't like these names. __NR_seccomp_read sounds like the number of a
syscall called seccomp_read.

Also, shouldn't something be including this header? I'm confused.

Ah! Good catch. These names are correct (see kernel/seccomp.c's
mode1_syscalls and mode1_syscalls_32 arrays), but the location of this
change was unexpected. I was expecting this file to live in
arch/*/include/asm/seccomp.h, not in include/asm-generic/seccomp.h.

However, since it's always the same list, it might make sense to
consolidate them into a single place as a default to make arch porting
easier.

Yeah, that is why I put this file under include/asm-generic.

It seems odd that the header would be added without any users. I
guess it's okay, since arm64 uses it in the followup patch.

However, I think that should be a separate patch.

Do you mean that the code for all the existing archs should also be changed
to use this (common) header?

If that works, yes.

As is often the case, the patch itself is quite simple, but I can't
test it on other architectures.

-Takahiro AKASHI

--Andy

-Takahiro AKASHI

-Kees

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: JiÅÃ Prchal: "Re: [PATCH] ARM: at91: at91sam9x5: sets NPCS0 (PA14) back to GPIO"
Previous message: Alexandre Belloni: "Re: [PATCH] ARM: at91: at91sam9x5: sets NPCS0 (PA14) back to GPIO"
In reply to: Andy Lutomirski: "Re: [PATCH v5 2/3] asm-generic: Add generic seccomp.h for secure computing mode 1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]