2.6.32-longterm review patch. If anyone has any objections, please let me know. ------------------ From: Markos Chandras <markos.chandras@xxxxxxxxxx> Add _TIF_SECCOMP flag to _TIF_WORK_SYSCALL_ENTRY to indicate that the system call needs to be checked against a seccomp filter. Signed-off-by: Markos Chandras <markos.chandras@xxxxxxxxxx> Reviewed-by: Paul Burton <paul.burton@xxxxxxxxxx> Reviewed-by: James Hogan <james.hogan@xxxxxxxxxx> Cc: linux-mips@xxxxxxxxxxxxxx Patchwork: https://patchwork.linux-mips.org/patch/6405/ Signed-off-by: Ralf Baechle <ralf@xxxxxxxxxxxxxx> (cherry picked from commit 137f7df8cead00688524c82360930845396b8a21) [wt: fixes CVE-2014-4157 - no _TIF_NOHZ nor _TIF_SYSCALL_TRACEPOINT in 2.6.32] Signed-off-by: Willy Tarreau <w@xxxxxx> --- arch/mips/include/asm/thread_info.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h index 2ef1662..b0e25eb 100644 --- a/arch/mips/include/asm/thread_info.h +++ b/arch/mips/include/asm/thread_info.h @@ -145,7 +145,8 @@ register struct thread_info *__current_thread_info __asm__("$28"); #define _TIF_FPUBOUND (1<<TIF_FPUBOUND) #define _TIF_LOAD_WATCH (1<<TIF_LOAD_WATCH) -#define _TIF_WORK_SYSCALL_ENTRY (_TIF_SYSCALL_TRACE | _TIF_SYSCALL_AUDIT) +#define _TIF_WORK_SYSCALL_ENTRY (_TIF_SYSCALL_TRACE | \ + _TIF_SYSCALL_AUDIT | _TIF_SECCOMP) /* work to do on interrupt/exception return */ #define _TIF_WORK_MASK (0x0000ffef & ~_TIF_SECCOMP) -- 1.7.12.2.21.g234cd45.dirty