ARM: SECCOMP support
Signed-off-by: Nicolas Pitre <nicolas.pitre@linaro.org>
This commit is contained in:
parent
087aaffcdf
commit
70c70d9780
|
@ -1463,6 +1463,20 @@ config UACCESS_WITH_MEMCPY
|
|||
However, if the CPU data cache is using a write-allocate mode,
|
||||
this option is unlikely to provide any performance gain.
|
||||
|
||||
config SECCOMP
|
||||
bool
|
||||
prompt "Enable seccomp to safely compute untrusted bytecode"
|
||||
---help---
|
||||
This kernel feature is useful for number crunching applications
|
||||
that may need to compute untrusted bytecode during their
|
||||
execution. By using pipes or other transports made available to
|
||||
the process as file descriptors supporting the read/write
|
||||
syscalls, it's possible to isolate those applications in
|
||||
their own address space using seccomp. Once seccomp is
|
||||
enabled via prctl(PR_SET_SECCOMP), it cannot be disabled
|
||||
and the task is only allowed to execute a few safe syscalls
|
||||
defined by each seccomp mode.
|
||||
|
||||
config CC_STACKPROTECTOR
|
||||
bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
|
||||
help
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
#ifndef _ASM_ARM_SECCOMP_H
|
||||
#define _ASM_ARM_SECCOMP_H
|
||||
|
||||
#include <linux/unistd.h>
|
||||
|
||||
#define __NR_seccomp_read __NR_read
|
||||
#define __NR_seccomp_write __NR_write
|
||||
#define __NR_seccomp_exit __NR_exit
|
||||
#define __NR_seccomp_sigreturn __NR_rt_sigreturn
|
||||
|
||||
#endif /* _ASM_ARM_SECCOMP_H */
|
|
@ -144,6 +144,7 @@ extern void vfp_flush_hwstate(struct thread_info *);
|
|||
#define TIF_MEMDIE 18 /* is terminating due to OOM killer */
|
||||
#define TIF_FREEZE 19
|
||||
#define TIF_RESTORE_SIGMASK 20
|
||||
#define TIF_SECCOMP 21
|
||||
|
||||
#define _TIF_SIGPENDING (1 << TIF_SIGPENDING)
|
||||
#define _TIF_NEED_RESCHED (1 << TIF_NEED_RESCHED)
|
||||
|
@ -153,6 +154,7 @@ extern void vfp_flush_hwstate(struct thread_info *);
|
|||
#define _TIF_USING_IWMMXT (1 << TIF_USING_IWMMXT)
|
||||
#define _TIF_FREEZE (1 << TIF_FREEZE)
|
||||
#define _TIF_RESTORE_SIGMASK (1 << TIF_RESTORE_SIGMASK)
|
||||
#define _TIF_SECCOMP (1 << TIF_SECCOMP)
|
||||
|
||||
/*
|
||||
* Change these and you break ASM code in entry-common.S
|
||||
|
|
|
@ -295,7 +295,6 @@ ENTRY(vector_swi)
|
|||
|
||||
get_thread_info tsk
|
||||
adr tbl, sys_call_table @ load syscall table pointer
|
||||
ldr ip, [tsk, #TI_FLAGS] @ check for syscall tracing
|
||||
|
||||
#if defined(CONFIG_OABI_COMPAT)
|
||||
/*
|
||||
|
@ -312,8 +311,20 @@ ENTRY(vector_swi)
|
|||
eor scno, scno, #__NR_SYSCALL_BASE @ check OS number
|
||||
#endif
|
||||
|
||||
ldr r10, [tsk, #TI_FLAGS] @ check for syscall tracing
|
||||
stmdb sp!, {r4, r5} @ push fifth and sixth args
|
||||
tst ip, #_TIF_SYSCALL_TRACE @ are we tracing syscalls?
|
||||
|
||||
#ifdef CONFIG_SECCOMP
|
||||
tst r10, #_TIF_SECCOMP
|
||||
beq 1f
|
||||
mov r0, scno
|
||||
bl __secure_computing
|
||||
add r0, sp, #S_R0 + S_OFF @ pointer to regs
|
||||
ldmia r0, {r0 - r3} @ have to reload r0 - r3
|
||||
1:
|
||||
#endif
|
||||
|
||||
tst r10, #_TIF_SYSCALL_TRACE @ are we tracing syscalls?
|
||||
bne __sys_trace
|
||||
|
||||
cmp scno, #NR_syscalls @ check upper syscall limit
|
||||
|
|
Loading…
Reference in New Issue