mirror of
https://github.com/torvalds/linux.git
synced 2026-06-03 12:03:54 +02:00
6baaade155
Add secure_computing() call to syscall_trace_enter to actually filter system calls. Add necessary arch Kconfig options, define TIF_SECCOMP trace flag and provide basic seccomp filter support in asm/syscall.h syscall_get_nr currently uses the syscall nr stored in orig_d0 because we change d0 to a default return code before starting a syscall trace. This may be inconsistent with syscall_rollback copying orig_d0 to d0 (which we never check upon return from trace). We use d0 for the return code from syscall_trace_enter in entry.S currently, and could perhaps expand that to store a new syscall number returned by the seccomp filter before executing the syscall. This clearly needs some discussion. seccomp_bpf self test on ARAnyM passes 81 out of 94 tests. Signed-off-by: Michael Schmitz <schmitzmic@gmail.com> Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org> Link: https://lore.kernel.org/r/20230112035529.13521-3-schmitzmic@gmail.com Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org> |
||
|---|---|---|
| .. | ||
| 68000 | ||
| amiga | ||
| apollo | ||
| atari | ||
| bvme6000 | ||
| coldfire | ||
| configs | ||
| emu | ||
| fpsp040 | ||
| hp300 | ||
| ifpsp060 | ||
| include | ||
| kernel | ||
| lib | ||
| mac | ||
| math-emu | ||
| mm | ||
| mvme16x | ||
| mvme147 | ||
| q40 | ||
| sun3 | ||
| sun3x | ||
| tools/amiga | ||
| virt | ||
| install.sh | ||
| Kbuild | ||
| Kconfig | ||
| Kconfig.bus | ||
| Kconfig.cpu | ||
| Kconfig.debug | ||
| Kconfig.devices | ||
| Kconfig.machine | ||
| Makefile | ||