Loading arch/sparc/kernel/systbls.S +2 −2 Original line number Diff line number Diff line Loading @@ -57,11 +57,11 @@ sys_call_table: /*180*/ .long sys_flistxattr, sys_removexattr, sys_lremovexattr, sys_sigpending, sys_ni_syscall /*185*/ .long sys_setpgid, sys_fremovexattr, sys_tkill, sys_exit_group, sys_newuname /*190*/ .long sys_init_module, sys_personality, sparc_remap_file_pages, sys_epoll_create, sys_epoll_ctl /*195*/ .long sys_epoll_wait, sys_nis_syscall, sys_getppid, sparc_sigaction, sys_sgetmask /*195*/ .long sys_epoll_wait, sys_ioprio_set, sys_getppid, sparc_sigaction, sys_sgetmask /*200*/ .long sys_ssetmask, sys_sigsuspend, sys_newlstat, sys_uselib, old_readdir /*205*/ .long sys_readahead, sys_socketcall, sys_syslog, sys_lookup_dcookie, sys_fadvise64 /*210*/ .long sys_fadvise64_64, sys_tgkill, sys_waitpid, sys_swapoff, sys_sysinfo /*215*/ .long sys_ipc, sys_sigreturn, sys_clone, sys_nis_syscall, sys_adjtimex /*215*/ .long sys_ipc, sys_sigreturn, sys_clone, sys_ioprio_get, sys_adjtimex /*220*/ .long sys_sigprocmask, sys_ni_syscall, sys_delete_module, sys_ni_syscall, sys_getpgid /*225*/ .long sys_bdflush, sys_sysfs, sys_nis_syscall, sys_setfsuid16, sys_setfsgid16 /*230*/ .long sys_select, sys_time, sys_nis_syscall, sys_stime, sys_statfs64 Loading arch/sparc64/Kconfig +17 −0 Original line number Diff line number Diff line Loading @@ -43,6 +43,23 @@ config SPARC64_PAGE_SIZE_4MB endchoice config SECCOMP bool "Enable seccomp to safely compute untrusted bytecode" depends on PROC_FS default y help This kernel feature is useful for number crunching applications that may need to compute untrusted bytecode during their execution. By using pipes or other transports made available to the process as file descriptors supporting the read/write syscalls, it's possible to isolate those applications in their own address space using seccomp. Once seccomp is enabled via /proc/<pid>/seccomp, it cannot be disabled and the task is only allowed to execute a few safe syscalls defined by each seccomp mode. If unsure, say Y. Only embedded should say N here. source kernel/Kconfig.hz source "init/Kconfig" Loading arch/sparc64/kernel/entry.S +14 −28 Original line number Diff line number Diff line Loading @@ -22,8 +22,6 @@ #include <asm/estate.h> #include <asm/auxio.h> /* #define SYSCALL_TRACING 1 */ #define curptr g6 #define NR_SYSCALLS 284 /* Each OS is different... */ Loading Loading @@ -1554,11 +1552,12 @@ sys_ptrace: add %sp, PTREGS_OFF, %o0 nop .align 32 1: ldx [%curptr + TI_FLAGS], %l5 andcc %l5, _TIF_SYSCALL_TRACE, %g0 andcc %l5, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %g0 be,pt %icc, rtrap clr %l6 add %sp, PTREGS_OFF, %o0 call syscall_trace nop mov 1, %o1 ba,pt %xcc, rtrap clr %l6 Loading Loading @@ -1642,18 +1641,20 @@ linux_sparc_ni_syscall: or %l7, %lo(sys_ni_syscall), %l7 linux_syscall_trace32: add %sp, PTREGS_OFF, %o0 call syscall_trace nop clr %o1 srl %i0, 0, %o0 mov %i4, %o4 srl %i4, 0, %o4 srl %i1, 0, %o1 srl %i2, 0, %o2 b,pt %xcc, 2f srl %i3, 0, %o3 linux_syscall_trace: add %sp, PTREGS_OFF, %o0 call syscall_trace nop clr %o1 mov %i0, %o0 mov %i1, %o1 mov %i2, %o2 Loading @@ -1671,11 +1672,6 @@ linux_sparc_syscall32: bgeu,pn %xcc, linux_sparc_ni_syscall ! CTI srl %i0, 0, %o0 ! IEU0 sll %g1, 2, %l4 ! IEU0 Group #ifdef SYSCALL_TRACING call syscall_trace_entry add %sp, PTREGS_OFF, %o0 srl %i0, 0, %o0 #endif srl %i4, 0, %o4 ! IEU1 lduw [%l7 + %l4], %l7 ! Load srl %i1, 0, %o1 ! IEU0 Group Loading @@ -1683,7 +1679,7 @@ linux_sparc_syscall32: srl %i5, 0, %o5 ! IEU1 srl %i2, 0, %o2 ! IEU0 Group andcc %l0, _TIF_SYSCALL_TRACE, %g0 ! IEU0 Group andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %g0 bne,pn %icc, linux_syscall_trace32 ! CTI mov %i0, %l5 ! IEU1 call %l7 ! CTI Group brk forced Loading @@ -1699,11 +1695,6 @@ linux_sparc_syscall: bgeu,pn %xcc, linux_sparc_ni_syscall ! CTI mov %i0, %o0 ! IEU0 sll %g1, 2, %l4 ! IEU0 Group #ifdef SYSCALL_TRACING call syscall_trace_entry add %sp, PTREGS_OFF, %o0 mov %i0, %o0 #endif mov %i1, %o1 ! IEU1 lduw [%l7 + %l4], %l7 ! Load 4: mov %i2, %o2 ! IEU0 Group Loading @@ -1711,7 +1702,7 @@ linux_sparc_syscall: mov %i3, %o3 ! IEU1 mov %i4, %o4 ! IEU0 Group andcc %l0, _TIF_SYSCALL_TRACE, %g0 ! IEU1 Group+1 bubble andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %g0 bne,pn %icc, linux_syscall_trace ! CTI Group mov %i0, %l5 ! IEU0 2: call %l7 ! CTI Group brk forced Loading @@ -1720,12 +1711,6 @@ linux_sparc_syscall: 3: stx %o0, [%sp + PTREGS_OFF + PT_V9_I0] ret_sys_call: #ifdef SYSCALL_TRACING mov %o0, %o1 call syscall_trace_exit add %sp, PTREGS_OFF, %o0 mov %o1, %o0 #endif ldx [%sp + PTREGS_OFF + PT_V9_TSTATE], %g3 ldx [%sp + PTREGS_OFF + PT_V9_TNPC], %l1 ! pc = npc sra %o0, 0, %o0 Loading @@ -1745,7 +1730,7 @@ ret_sys_call: 1: cmp %o0, -ERESTART_RESTARTBLOCK bgeu,pn %xcc, 1f andcc %l0, _TIF_SYSCALL_TRACE, %l6 andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %l6 80: /* System call success, clear Carry condition code. */ andn %g3, %g2, %g3 Loading @@ -1760,7 +1745,7 @@ ret_sys_call: /* System call failure, set Carry condition code. * Also, get abs(errno) to return to the process. */ andcc %l0, _TIF_SYSCALL_TRACE, %l6 andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %l6 sub %g0, %o0, %o0 or %g3, %g2, %g3 stx %o0, [%sp + PTREGS_OFF + PT_V9_I0] Loading @@ -1773,8 +1758,9 @@ ret_sys_call: b,pt %xcc, rtrap stx %l2, [%sp + PTREGS_OFF + PT_V9_TNPC] linux_syscall_trace2: add %sp, PTREGS_OFF, %o0 call syscall_trace nop mov 1, %o1 stx %l1, [%sp + PTREGS_OFF + PT_V9_TPC] ba,pt %xcc, rtrap stx %l2, [%sp + PTREGS_OFF + PT_V9_TNPC] Loading arch/sparc64/kernel/power.c +2 −1 Original line number Diff line number Diff line Loading @@ -4,6 +4,8 @@ * Copyright (C) 1999 David S. Miller (davem@redhat.com) */ #define __KERNEL_SYSCALLS__ #include <linux/config.h> #include <linux/kernel.h> #include <linux/module.h> Loading @@ -17,7 +19,6 @@ #include <asm/ebus.h> #include <asm/auxio.h> #define __KERNEL_SYSCALLS__ #include <linux/unistd.h> /* Loading arch/sparc64/kernel/ptrace.c +34 −12 Original line number Diff line number Diff line Loading @@ -19,6 +19,8 @@ #include <linux/smp.h> #include <linux/smp_lock.h> #include <linux/security.h> #include <linux/seccomp.h> #include <linux/audit.h> #include <linux/signal.h> #include <asm/asi.h> Loading Loading @@ -628,15 +630,27 @@ out: unlock_kernel(); } asmlinkage void syscall_trace(void) asmlinkage void syscall_trace(struct pt_regs *regs, int syscall_exit_p) { #ifdef DEBUG_PTRACE printk("%s [%d]: syscall_trace\n", current->comm, current->pid); #endif if (!test_thread_flag(TIF_SYSCALL_TRACE)) return; /* do the secure computing check first */ secure_computing(regs->u_regs[UREG_G1]); if (unlikely(current->audit_context) && syscall_exit_p) { unsigned long tstate = regs->tstate; int result = AUDITSC_SUCCESS; if (unlikely(tstate & (TSTATE_XCARRY | TSTATE_ICARRY))) result = AUDITSC_FAILURE; audit_syscall_exit(current, result, regs->u_regs[UREG_I0]); } if (!(current->ptrace & PT_PTRACED)) return; goto out; if (!test_thread_flag(TIF_SYSCALL_TRACE)) goto out; ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD) ? 0x80 : 0)); Loading @@ -645,12 +659,20 @@ asmlinkage void syscall_trace(void) * for normal use. strace only continues with a signal if the * stopping signal is not SIGTRAP. -brl */ #ifdef DEBUG_PTRACE printk("%s [%d]: syscall_trace exit= %x\n", current->comm, current->pid, current->exit_code); #endif if (current->exit_code) { send_sig(current->exit_code, current, 1); current->exit_code = 0; } out: if (unlikely(current->audit_context) && !syscall_exit_p) audit_syscall_entry(current, (test_thread_flag(TIF_32BIT) ? AUDIT_ARCH_SPARC : AUDIT_ARCH_SPARC64), regs->u_regs[UREG_G1], regs->u_regs[UREG_I0], regs->u_regs[UREG_I1], regs->u_regs[UREG_I2], regs->u_regs[UREG_I3]); } Loading
arch/sparc/kernel/systbls.S +2 −2 Original line number Diff line number Diff line Loading @@ -57,11 +57,11 @@ sys_call_table: /*180*/ .long sys_flistxattr, sys_removexattr, sys_lremovexattr, sys_sigpending, sys_ni_syscall /*185*/ .long sys_setpgid, sys_fremovexattr, sys_tkill, sys_exit_group, sys_newuname /*190*/ .long sys_init_module, sys_personality, sparc_remap_file_pages, sys_epoll_create, sys_epoll_ctl /*195*/ .long sys_epoll_wait, sys_nis_syscall, sys_getppid, sparc_sigaction, sys_sgetmask /*195*/ .long sys_epoll_wait, sys_ioprio_set, sys_getppid, sparc_sigaction, sys_sgetmask /*200*/ .long sys_ssetmask, sys_sigsuspend, sys_newlstat, sys_uselib, old_readdir /*205*/ .long sys_readahead, sys_socketcall, sys_syslog, sys_lookup_dcookie, sys_fadvise64 /*210*/ .long sys_fadvise64_64, sys_tgkill, sys_waitpid, sys_swapoff, sys_sysinfo /*215*/ .long sys_ipc, sys_sigreturn, sys_clone, sys_nis_syscall, sys_adjtimex /*215*/ .long sys_ipc, sys_sigreturn, sys_clone, sys_ioprio_get, sys_adjtimex /*220*/ .long sys_sigprocmask, sys_ni_syscall, sys_delete_module, sys_ni_syscall, sys_getpgid /*225*/ .long sys_bdflush, sys_sysfs, sys_nis_syscall, sys_setfsuid16, sys_setfsgid16 /*230*/ .long sys_select, sys_time, sys_nis_syscall, sys_stime, sys_statfs64 Loading
arch/sparc64/Kconfig +17 −0 Original line number Diff line number Diff line Loading @@ -43,6 +43,23 @@ config SPARC64_PAGE_SIZE_4MB endchoice config SECCOMP bool "Enable seccomp to safely compute untrusted bytecode" depends on PROC_FS default y help This kernel feature is useful for number crunching applications that may need to compute untrusted bytecode during their execution. By using pipes or other transports made available to the process as file descriptors supporting the read/write syscalls, it's possible to isolate those applications in their own address space using seccomp. Once seccomp is enabled via /proc/<pid>/seccomp, it cannot be disabled and the task is only allowed to execute a few safe syscalls defined by each seccomp mode. If unsure, say Y. Only embedded should say N here. source kernel/Kconfig.hz source "init/Kconfig" Loading
arch/sparc64/kernel/entry.S +14 −28 Original line number Diff line number Diff line Loading @@ -22,8 +22,6 @@ #include <asm/estate.h> #include <asm/auxio.h> /* #define SYSCALL_TRACING 1 */ #define curptr g6 #define NR_SYSCALLS 284 /* Each OS is different... */ Loading Loading @@ -1554,11 +1552,12 @@ sys_ptrace: add %sp, PTREGS_OFF, %o0 nop .align 32 1: ldx [%curptr + TI_FLAGS], %l5 andcc %l5, _TIF_SYSCALL_TRACE, %g0 andcc %l5, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %g0 be,pt %icc, rtrap clr %l6 add %sp, PTREGS_OFF, %o0 call syscall_trace nop mov 1, %o1 ba,pt %xcc, rtrap clr %l6 Loading Loading @@ -1642,18 +1641,20 @@ linux_sparc_ni_syscall: or %l7, %lo(sys_ni_syscall), %l7 linux_syscall_trace32: add %sp, PTREGS_OFF, %o0 call syscall_trace nop clr %o1 srl %i0, 0, %o0 mov %i4, %o4 srl %i4, 0, %o4 srl %i1, 0, %o1 srl %i2, 0, %o2 b,pt %xcc, 2f srl %i3, 0, %o3 linux_syscall_trace: add %sp, PTREGS_OFF, %o0 call syscall_trace nop clr %o1 mov %i0, %o0 mov %i1, %o1 mov %i2, %o2 Loading @@ -1671,11 +1672,6 @@ linux_sparc_syscall32: bgeu,pn %xcc, linux_sparc_ni_syscall ! CTI srl %i0, 0, %o0 ! IEU0 sll %g1, 2, %l4 ! IEU0 Group #ifdef SYSCALL_TRACING call syscall_trace_entry add %sp, PTREGS_OFF, %o0 srl %i0, 0, %o0 #endif srl %i4, 0, %o4 ! IEU1 lduw [%l7 + %l4], %l7 ! Load srl %i1, 0, %o1 ! IEU0 Group Loading @@ -1683,7 +1679,7 @@ linux_sparc_syscall32: srl %i5, 0, %o5 ! IEU1 srl %i2, 0, %o2 ! IEU0 Group andcc %l0, _TIF_SYSCALL_TRACE, %g0 ! IEU0 Group andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %g0 bne,pn %icc, linux_syscall_trace32 ! CTI mov %i0, %l5 ! IEU1 call %l7 ! CTI Group brk forced Loading @@ -1699,11 +1695,6 @@ linux_sparc_syscall: bgeu,pn %xcc, linux_sparc_ni_syscall ! CTI mov %i0, %o0 ! IEU0 sll %g1, 2, %l4 ! IEU0 Group #ifdef SYSCALL_TRACING call syscall_trace_entry add %sp, PTREGS_OFF, %o0 mov %i0, %o0 #endif mov %i1, %o1 ! IEU1 lduw [%l7 + %l4], %l7 ! Load 4: mov %i2, %o2 ! IEU0 Group Loading @@ -1711,7 +1702,7 @@ linux_sparc_syscall: mov %i3, %o3 ! IEU1 mov %i4, %o4 ! IEU0 Group andcc %l0, _TIF_SYSCALL_TRACE, %g0 ! IEU1 Group+1 bubble andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %g0 bne,pn %icc, linux_syscall_trace ! CTI Group mov %i0, %l5 ! IEU0 2: call %l7 ! CTI Group brk forced Loading @@ -1720,12 +1711,6 @@ linux_sparc_syscall: 3: stx %o0, [%sp + PTREGS_OFF + PT_V9_I0] ret_sys_call: #ifdef SYSCALL_TRACING mov %o0, %o1 call syscall_trace_exit add %sp, PTREGS_OFF, %o0 mov %o1, %o0 #endif ldx [%sp + PTREGS_OFF + PT_V9_TSTATE], %g3 ldx [%sp + PTREGS_OFF + PT_V9_TNPC], %l1 ! pc = npc sra %o0, 0, %o0 Loading @@ -1745,7 +1730,7 @@ ret_sys_call: 1: cmp %o0, -ERESTART_RESTARTBLOCK bgeu,pn %xcc, 1f andcc %l0, _TIF_SYSCALL_TRACE, %l6 andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %l6 80: /* System call success, clear Carry condition code. */ andn %g3, %g2, %g3 Loading @@ -1760,7 +1745,7 @@ ret_sys_call: /* System call failure, set Carry condition code. * Also, get abs(errno) to return to the process. */ andcc %l0, _TIF_SYSCALL_TRACE, %l6 andcc %l0, (_TIF_SYSCALL_TRACE|_TIF_SECCOMP|_TIF_SYSCALL_AUDIT), %l6 sub %g0, %o0, %o0 or %g3, %g2, %g3 stx %o0, [%sp + PTREGS_OFF + PT_V9_I0] Loading @@ -1773,8 +1758,9 @@ ret_sys_call: b,pt %xcc, rtrap stx %l2, [%sp + PTREGS_OFF + PT_V9_TNPC] linux_syscall_trace2: add %sp, PTREGS_OFF, %o0 call syscall_trace nop mov 1, %o1 stx %l1, [%sp + PTREGS_OFF + PT_V9_TPC] ba,pt %xcc, rtrap stx %l2, [%sp + PTREGS_OFF + PT_V9_TNPC] Loading
arch/sparc64/kernel/power.c +2 −1 Original line number Diff line number Diff line Loading @@ -4,6 +4,8 @@ * Copyright (C) 1999 David S. Miller (davem@redhat.com) */ #define __KERNEL_SYSCALLS__ #include <linux/config.h> #include <linux/kernel.h> #include <linux/module.h> Loading @@ -17,7 +19,6 @@ #include <asm/ebus.h> #include <asm/auxio.h> #define __KERNEL_SYSCALLS__ #include <linux/unistd.h> /* Loading
arch/sparc64/kernel/ptrace.c +34 −12 Original line number Diff line number Diff line Loading @@ -19,6 +19,8 @@ #include <linux/smp.h> #include <linux/smp_lock.h> #include <linux/security.h> #include <linux/seccomp.h> #include <linux/audit.h> #include <linux/signal.h> #include <asm/asi.h> Loading Loading @@ -628,15 +630,27 @@ out: unlock_kernel(); } asmlinkage void syscall_trace(void) asmlinkage void syscall_trace(struct pt_regs *regs, int syscall_exit_p) { #ifdef DEBUG_PTRACE printk("%s [%d]: syscall_trace\n", current->comm, current->pid); #endif if (!test_thread_flag(TIF_SYSCALL_TRACE)) return; /* do the secure computing check first */ secure_computing(regs->u_regs[UREG_G1]); if (unlikely(current->audit_context) && syscall_exit_p) { unsigned long tstate = regs->tstate; int result = AUDITSC_SUCCESS; if (unlikely(tstate & (TSTATE_XCARRY | TSTATE_ICARRY))) result = AUDITSC_FAILURE; audit_syscall_exit(current, result, regs->u_regs[UREG_I0]); } if (!(current->ptrace & PT_PTRACED)) return; goto out; if (!test_thread_flag(TIF_SYSCALL_TRACE)) goto out; ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD) ? 0x80 : 0)); Loading @@ -645,12 +659,20 @@ asmlinkage void syscall_trace(void) * for normal use. strace only continues with a signal if the * stopping signal is not SIGTRAP. -brl */ #ifdef DEBUG_PTRACE printk("%s [%d]: syscall_trace exit= %x\n", current->comm, current->pid, current->exit_code); #endif if (current->exit_code) { send_sig(current->exit_code, current, 1); current->exit_code = 0; } out: if (unlikely(current->audit_context) && !syscall_exit_p) audit_syscall_entry(current, (test_thread_flag(TIF_32BIT) ? AUDIT_ARCH_SPARC : AUDIT_ARCH_SPARC64), regs->u_regs[UREG_G1], regs->u_regs[UREG_I0], regs->u_regs[UREG_I1], regs->u_regs[UREG_I2], regs->u_regs[UREG_I3]); }
