Re: [PATCH 3.15] MIPS: Add new AUDIT_ARCH token for the N32 ABI on MIPS64

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 04/30/2014 10:24 AM, Markos Chandras wrote:
> On 04/24/2014 08:19 PM, Paul Moore wrote:
>> On Tuesday, April 22, 2014 03:40:36 PM Markos Chandras wrote:
>>> A MIPS64 kernel may support ELF files for all 3 MIPS ABIs
>>> (O32, N32, N64). Furthermore, the AUDIT_ARCH_MIPS{,EL}64 token
>>> does not provide enough information about the ABI for the 64-bit
>>> process. As a result of which, userland needs to use complex
>>> seccomp filters to decide whether a syscall belongs to the o32 or n32
>>> or n64 ABI. Therefore, a new arch token for MIPS64/n32 is added so it
>>> can be used by seccomp to explicitely set syscall filters for this ABI.
>>>
>>> Link: http://sourceforge.net/p/libseccomp/mailman/message/32239040/
>>> Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
>>> Cc: Eric Paris <eparis@xxxxxxxxxx>
>>> Cc: Paul Moore <pmoore@xxxxxxxxxx>
>>> Cc: Ralf Baechle <ralf@xxxxxxxxxxxxxx>
>>> Signed-off-by: Markos Chandras <markos.chandras@xxxxxxxxxx>
>>> ---
>>> Ralf, can we please have this in 3.15 (Assuming it's ACK'd)?
>>>
>>> Thanks a lot!
>>> ---
>>>  arch/mips/include/asm/syscall.h |  2 ++
>>>  include/uapi/linux/audit.h      | 12 ++++++++++++
>>>  2 files changed, 14 insertions(+)
>>
>> I'm far from qualified to ACK any MIPS specific patches, but I do want to add 
>> my support for this patch.  As Markos states above, without this patch any 
>> seccomp BPF code will be more complex than necessary (see x32 for an idea) and 
>> projects that try to abstract away the arch/ABI specific nature of the BPF 
>> seccomp filters will be have to do a lot more work.  Please merge this patch, 
>> or something similar, along with the MIPS BPF seccomp filters in 3.15; waiting 
>> until 3.16 will be too late.
>>
>> I also don't want to speak for the audit folks (Eric?), but I think you'll 
>> hear that this patch makes life much easier for them as well.
>>
>> Thanks,
>> -Paul
> 
> Ralf ping? Can we please have this in 3.15 so userspace application get
> the updated token instead of using the AUDIT_ARCH_MIPS{,EL}64 for both
> n32 and n64? It may be harder to change it once 3.15 is released (ABI
> break).
> 

Ralf ping again? With -r5 approaching, there might be limited time left
to push this.

-- 
markos
[Index of Archives]     [Linux MIPS Home]     [LKML Archive]     [Linux ARM Kernel]     [Linux ARM]     [Linux]     [Git]     [Yosemite News]     [Linux SCSI]     [Linux Hams]

  Powered by Linux