From: David Daney <david.daney@xxxxxxxxxx> [ Upstream commit 669c4092225f0ed5df12ebee654581b558a5e3ed ] KProbes of __seccomp_filter() are not very useful without access to the syscall arguments. Do what x86 does, and populate a struct seccomp_data to be passed to __secure_computing(). This allows samples/bpf/tracex5 to extract a sensible trace. Signed-off-by: David Daney <david.daney@xxxxxxxxxx> Cc: Alexei Starovoitov <ast@xxxxxxxxxx> Cc: Daniel Borkmann <daniel@xxxxxxxxxxxxx> Cc: Matt Redfearn <matt.redfearn@xxxxxxxxxx> Cc: netdev@xxxxxxxxxxxxxxx Cc: linux-kernel@xxxxxxxxxxxxxxx Cc: linux-mips@xxxxxxxxxxxxxx Patchwork: https://patchwork.linux-mips.org/patch/16368/ Signed-off-by: Ralf Baechle <ralf@xxxxxxxxxxxxxx> Signed-off-by: Sasha Levin <alexander.levin@xxxxxxxxxxxxx> --- arch/mips/kernel/ptrace.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c index 0c8ae2cc6380..956dae7e6a69 100644 --- a/arch/mips/kernel/ptrace.c +++ b/arch/mips/kernel/ptrace.c @@ -1011,8 +1011,26 @@ asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall) tracehook_report_syscall_entry(regs)) return -1; - if (secure_computing(NULL) == -1) - return -1; +#ifdef CONFIG_SECCOMP + if (unlikely(test_thread_flag(TIF_SECCOMP))) { + int ret, i; + struct seccomp_data sd; + + sd.nr = syscall; + sd.arch = syscall_get_arch(); + for (i = 0; i < 6; i++) { + unsigned long v, r; + + r = mips_get_syscall_arg(&v, current, regs, i); + sd.args[i] = r ? 0 : v; + } + sd.instruction_pointer = KSTK_EIP(current); + + ret = __secure_computing(&sd); + if (ret == -1) + return ret; + } +#endif if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT))) trace_sys_enter(regs, regs->regs[2]); -- 2.15.1
