forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/arch/arm64/include/asm
History
Kees Cook e985fd474d seccomp: add "seccomp" syscall 
This adds the new "seccomp" syscall with both an "operation" and "flags"
parameter for future expansion. The third argument is a pointer value,
used with the SECCOMP_SET_MODE_FILTER operation. Currently, flags must
be 0. This is functionally equivalent to prctl(PR_SET_SECCOMP, ...).

In addition to the TSYNC flag later in this patch series, there is a
non-zero chance that this syscall could be used for configuring a fixed
argument area for seccomp-tracer-aware processes to pass syscall arguments
in the future. Hence, the use of "seccomp" not simply "seccomp_add_filter"
for this syscall. Additionally, this syscall uses operation, flags,
and user pointer for arguments because strictly passing arguments via
a user pointer would mean seccomp itself would be unable to trivially
filter the seccomp syscall itself.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Andy Lutomirski <luto@amacapital.net>

Conflicts:
	arch/x86/syscalls/syscall_32.tbl
	arch/x86/syscalls/syscall_64.tbl
	include/uapi/asm-generic/unistd.h
	kernel/seccomp.c

And fixup of unistd32.h to truly enable sys_secomp.

Change-Id: I95bea02382c52007d22e5e9dc563c7d055c2c83f
2014-10-07 16:42:32 -07:00
..
arch_timer.h ARM: convert arm/arm64 arch timer to use CLKSRC_OF init 2013-04-11 15:11:15 -05:00
asm-offsets.h
assembler.h arm64: debug: fix mdscr.ss check when enabling debug exceptions 2013-05-17 18:24:19 +01:00
atomic.h arm64: atomics: fix grossly inconsistent asm constraints for exclusives 2013-02-11 18:16:41 +00:00
barrier.h arch: Introduce smp_load_acquire(), smp_store_release() 2014-10-07 16:42:29 -07:00
bitops.h arm64: klib: Optimised atomic bitops 2013-03-21 17:39:31 +00:00
cache.h arm64: Cache maintenance routines 2012-09-17 13:42:00 +01:00
cacheflush.h arm64: Convert empty flush_cache_{mm,page} functions to static inline 2012-11-23 18:15:32 +00:00
cachetype.h arm64: Cache maintenance routines 2012-09-17 13:42:00 +01:00
cmpxchg.h arm64: cmpxchg: update macros to prevent warnings 2014-02-25 10:10:09 -08:00
compat.h arm64: add SIGSYS siginfo for compat task 2014-10-07 15:31:24 -07:00
compiler.h arm64: Miscellaneous header files 2012-09-17 13:42:21 +01:00
cpufeature.h arm64: enable generic CPU feature modalias matching for this architecture 2014-08-28 10:24:28 -07:00
cputable.h arm64: CPU support 2012-09-17 13:41:59 +01:00
cputype.h arm64: drop redundant macros from read_cpuid() 2014-09-17 16:14:12 -07:00
debug-monitors.h arm64: debug: consolidate software breakpoint handlers 2014-09-12 13:32:28 -07:00
device.h arm64: Device specific operations 2012-09-17 13:42:04 +01:00
dma-mapping.h ARM64: dma_debug: add debug_dma_mapping_error support 2012-11-28 15:28:57 +01:00
elf.h Move the EM_ARM and EM_AARCH64 definitions to uapi/linux/elf-em.h 2014-09-17 18:08:36 -07:00
esr.h arm64: add explicit symbols to ESR_EL1 decoding 2013-04-17 15:58:25 +01:00
exception.h arm64: Use irqchip_init() for interrupt controller initialisation 2013-03-26 16:02:23 +00:00
exec.h arm64: Miscellaneous header files 2012-09-17 13:42:21 +01:00
fb.h arm64: Device specific operations 2012-09-17 13:42:04 +01:00
fpsimd.h arm64: add support for kernel mode NEON in interrupt context 2014-08-28 10:22:27 -07:00
fpsimdmacros.h arm64: add support for kernel mode NEON in interrupt context 2014-08-28 10:22:27 -07:00
futex.h arm64: atomics: fix grossly inconsistent asm constraints for exclusives 2013-02-11 18:16:41 +00:00
hardirq.h arm64: Use irqchip_init() for interrupt controller initialisation 2013-03-26 16:02:23 +00:00
hw_breakpoint.h arm64: Debugging support 2012-09-17 13:42:14 +01:00
hwcap.h arm64: advertise ARMv8 extensions to 32-bit compat ELF binaries 2014-09-11 17:21:56 +00:00
io.h arm64: Define readq and writeq for driver module using 2013-04-19 13:57:46 +01:00
irq.h arm64: Use irqchip_init() for interrupt controller initialisation 2013-03-26 16:02:23 +00:00
irqflags.h arm64: IRQ handling 2012-09-17 13:42:02 +01:00
Kbuild arm64: pull in <asm/simd.h> from asm-generic 2014-08-28 14:30:29 -07:00
linkage.h arm64: fix alignment padding in assembly code 2012-10-20 11:12:01 +01:00
memblock.h arm64: MMU initialisation 2012-09-17 13:41:56 +01:00
memory.h arm64: Add simple earlyprintk support 2013-01-22 17:51:01 +00:00
mmu.h arm64: Add simple earlyprintk support 2013-01-22 17:51:01 +00:00
mmu_context.h arm64: mm: update CONTEXTIDR register to contain PID of current process 2013-02-11 18:24:18 +00:00
module.h arm64: Loadable modules 2012-09-17 13:42:19 +01:00
neon.h arm64: add support for kernel mode NEON in interrupt context 2014-08-28 10:22:27 -07:00
opcodes.h arm64: copy conditional instruction tests from arm 2014-09-12 13:32:56 -07:00
page.h arm64: MMU fault handling and page table management 2012-09-17 13:41:57 +01:00
perf_event.h arm64: perf: add guest vs host discrimination 2013-01-29 16:56:17 +00:00
pgalloc.h arm64: MMU fault handling and page table management 2012-09-17 13:41:57 +01:00
pgtable-2level-hwdef.h arm64: MMU definitions 2012-09-17 13:41:56 +01:00
pgtable-2level-types.h arm64: MMU definitions 2012-09-17 13:41:56 +01:00
pgtable-3level-hwdef.h arm64: MMU definitions 2012-09-17 13:41:56 +01:00
pgtable-3level-types.h Fix aarch64 build issue with ION 2014-01-31 14:34:43 -08:00
pgtable-hwdef.h arm64: mm: permit use of tagged pointers at EL0 2014-01-17 09:42:35 +00:00
pgtable.h arm64: mm: introduce present, faulting entries for PAGE_NONE 2013-01-10 10:48:48 +00:00
pmu.h arm64: Performance counters support 2012-09-17 13:42:17 +01:00
proc-fns.h arm64: CPU support 2012-09-17 13:41:59 +01:00
processor.h arm64: report correct stack pointer in KSTK_ESP for compat tasks 2014-08-29 16:49:10 -07:00
prom.h arm64: Build infrastructure 2012-09-17 13:42:21 +01:00
psci.h arm64: psci: add support for PSCI invocations from the kernel 2013-01-29 16:56:37 +00:00
ptrace.h arm64: add seccomp support 2014-10-07 15:37:32 -07:00
seccomp.h arm64: add seccomp support 2014-10-07 15:37:32 -07:00
shmparam.h arm64: ELF definitions 2012-09-17 13:42:07 +01:00
sigcontext.h UAPI: (Scripted) Disintegrate arch/arm64/include/asm 2012-10-11 11:05:13 +01:00
signal32.h arm64: 32-bit (compat) applications support 2012-09-17 13:42:12 +01:00
smp.h arm64: SMP: enable PSCI boot method 2013-01-29 16:56:37 +00:00
smp_plat.h arm64: kernel: initialise cpu_logical_map from the DT 2013-03-20 17:26:24 +00:00
sparsemem.h arm64: MMU definitions 2012-09-17 13:41:56 +01:00
spinlock.h arm64: atomics: fix grossly inconsistent asm constraints for exclusives 2013-02-11 18:16:41 +00:00
spinlock_types.h arm64: SMP support 2012-09-17 13:42:06 +01:00
stacktrace.h arm64: Exception handling 2012-09-17 10:24:46 +01:00
stat.h UAPI: (Scripted) Disintegrate arch/arm64/include/asm 2012-10-11 11:05:13 +01:00
string.h arm64: klib: Optimised string functions 2013-03-21 17:39:30 +00:00
syscall.h arm64: Add audit support 2014-09-17 18:09:50 -07:00
syscalls.h arm64: switch to generic sigaltstack 2013-02-14 09:17:29 -05:00
system_misc.h arm64: vexpress: Add support for poweroff/restart 2013-05-08 10:23:00 +01:00
thread_info.h arm64: make a single hook to syscall_trace() for all syscall features 2014-09-17 17:51:51 -07:00
timex.h arm64: Generic timers support 2012-09-17 13:42:20 +01:00
tlb.h arm64: TLB maintenance functionality 2012-09-17 13:42:01 +01:00
tlbflush.h arm64: TLB maintenance functionality 2012-09-17 13:42:01 +01:00
traps.h arm64: add undefined instruction handler hooks 2014-09-12 17:29:37 -07:00
uaccess.h arm64: User access library functions 2012-09-17 13:42:11 +01:00
ucontext.h arm64: fix padding computation in struct ucontext 2013-03-18 10:42:16 +00:00
unistd.h arm64: add seccomp support 2014-10-07 15:37:32 -07:00
unistd32.h seccomp: add "seccomp" syscall 2014-10-07 16:42:32 -07:00
vdso.h arm64: VDSO support 2012-09-17 13:42:09 +01:00
vdso_datapage.h arm64: VDSO support 2012-09-17 13:42:09 +01:00
virt.h arm64: add hypervisor stub 2012-12-05 11:26:49 +00:00