Hi Adrian,
On Wed, Aug 26, 2020 at 2:35 PM John Paul Adrian Glaubitz
<glaubitz@xxxxxxxxxxxxxxxxxxx> wrote:
On 8/26/20 2:32 PM, Geert Uytterhoeven wrote:
#include <linux/uaccess.h>
#include <asm/page.h>
@@ -277,6 +278,9 @@ asmlinkage int syscall_trace_enter(void)
if (test_thread_flag(TIF_SYSCALL_TRACE))
ret = tracehook_report_syscall_entry(task_pt_regs(current));
+
+ secure_computing_strict(task_pt_regs(current)->orig_d0);
+
That part is outdated. It was removed in the second commit I posted, see:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/arch/sh?id=0bb605c2c7f2b4b314b91510810b226de7f34fa1
That's the part which adds seccomp filter support.
Do you have the check of the return value already in syscall_trace_entry?
It should check for "-1" and jump to syscall_exit if true.
No, as that's needed only for seccomp filter support, AFAIU.
Have a look at arm, where seccomp filter support is optional, depending on ABI.
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
