From: YiFei Zhu <zhuyifei1999@gmail.com>
To: containers@lists.linux-foundation.org
Cc: Andrea Arcangeli <aarcange@redhat.com>,
Giuseppe Scrivano <gscrivan@redhat.com>,
Valentin Rothberg <vrothber@redhat.com>,
Kees Cook <keescook@chromium.org>, Jann Horn <jannh@google.com>,
YiFei Zhu <yifeifz2@illinois.edu>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
linux-kernel@vger.kernel.org,
Andy Lutomirski <luto@amacapital.net>,
Hubertus Franke <frankeh@us.ibm.com>,
Jack Chen <jianyan2@illinois.edu>,
Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
Josep Torrellas <torrella@illinois.edu>,
Will Drewry <wad@chromium.org>,
bpf@vger.kernel.org, Tianyin Xu <tyxu@illinois.edu>
Subject: [PATCH seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
Date: Thu, 24 Sep 2020 07:06:42 -0500 [thread overview]
Message-ID: <20bbc8ed4b9f2c83d0f67f37955eb2d789268525.1600946701.git.yifeifz2@illinois.edu> (raw)
In-Reply-To: <cover.1600946701.git.yifeifz2@illinois.edu>
From: YiFei Zhu <yifeifz2@illinois.edu>
Seccomp cache emulator needs to know all the architecture numbers
that syscall_get_arch() could return for the kernel build in order
to generate a cache for all of them.
The array is declared in header as static __maybe_unused const
to maximize compiler optimiation opportunities such as loop
unrolling.
Signed-off-by: YiFei Zhu <yifeifz2@illinois.edu>
---
arch/alpha/include/asm/syscall.h | 4 ++++
arch/arc/include/asm/syscall.h | 24 +++++++++++++++++++-----
arch/arm/include/asm/syscall.h | 4 ++++
arch/arm64/include/asm/syscall.h | 4 ++++
arch/c6x/include/asm/syscall.h | 13 +++++++++++--
arch/csky/include/asm/syscall.h | 4 ++++
arch/h8300/include/asm/syscall.h | 4 ++++
arch/hexagon/include/asm/syscall.h | 4 ++++
arch/ia64/include/asm/syscall.h | 4 ++++
arch/m68k/include/asm/syscall.h | 4 ++++
arch/microblaze/include/asm/syscall.h | 4 ++++
arch/mips/include/asm/syscall.h | 16 ++++++++++++++++
arch/nds32/include/asm/syscall.h | 13 +++++++++++--
arch/nios2/include/asm/syscall.h | 4 ++++
arch/openrisc/include/asm/syscall.h | 4 ++++
arch/parisc/include/asm/syscall.h | 7 +++++++
arch/powerpc/include/asm/syscall.h | 14 ++++++++++++++
arch/riscv/include/asm/syscall.h | 14 ++++++++++----
arch/s390/include/asm/syscall.h | 7 +++++++
arch/sh/include/asm/syscall_32.h | 17 +++++++++++------
arch/sparc/include/asm/syscall.h | 9 +++++++++
arch/x86/include/asm/syscall.h | 11 +++++++++++
arch/x86/um/asm/syscall.h | 14 ++++++++++----
arch/xtensa/include/asm/syscall.h | 4 ++++
24 files changed, 184 insertions(+), 23 deletions(-)
diff --git a/arch/alpha/include/asm/syscall.h b/arch/alpha/include/asm/syscall.h
index 11c688c1d7ec..625ac9b23f37 100644
--- a/arch/alpha/include/asm/syscall.h
+++ b/arch/alpha/include/asm/syscall.h
@@ -4,6 +4,10 @@
#include <uapi/linux/audit.h>
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_ALPHA
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_ALPHA;
diff --git a/arch/arc/include/asm/syscall.h b/arch/arc/include/asm/syscall.h
index 94529e89dff0..899c13cbf5cc 100644
--- a/arch/arc/include/asm/syscall.h
+++ b/arch/arc/include/asm/syscall.h
@@ -65,14 +65,28 @@ syscall_get_arguments(struct task_struct *task, struct pt_regs *regs,
}
}
+#ifdef CONFIG_ISA_ARCOMPACT
+# ifdef CONFIG_CPU_BIG_ENDIAN
+# define SYSCALL_ARCH AUDIT_ARCH_ARCOMPACTBE
+# else
+# define SYSCALL_ARCH AUDIT_ARCH_ARCOMPACT
+# endif /* CONFIG_CPU_BIG_ENDIAN */
+#else
+# ifdef CONFIG_CPU_BIG_ENDIAN
+# define SYSCALL_ARCH AUDIT_ARCH_ARCV2BE
+# else
+# define SYSCALL_ARCH AUDIT_ARCH_ARCV2
+# endif /* CONFIG_CPU_BIG_ENDIAN */
+#endif /* CONFIG_ISA_ARCOMPACT */
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
static inline int
syscall_get_arch(struct task_struct *task)
{
- return IS_ENABLED(CONFIG_ISA_ARCOMPACT)
- ? (IS_ENABLED(CONFIG_CPU_BIG_ENDIAN)
- ? AUDIT_ARCH_ARCOMPACTBE : AUDIT_ARCH_ARCOMPACT)
- : (IS_ENABLED(CONFIG_CPU_BIG_ENDIAN)
- ? AUDIT_ARCH_ARCV2BE : AUDIT_ARCH_ARCV2);
+ return SYSCALL_ARCH;
}
#endif
diff --git a/arch/arm/include/asm/syscall.h b/arch/arm/include/asm/syscall.h
index fd02761ba06c..33ade26e3956 100644
--- a/arch/arm/include/asm/syscall.h
+++ b/arch/arm/include/asm/syscall.h
@@ -73,6 +73,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
memcpy(®s->ARM_r0 + 1, args, 5 * sizeof(args[0]));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_ARM
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
/* ARM tasks don't change audit architectures on the fly. */
diff --git a/arch/arm64/include/asm/syscall.h b/arch/arm64/include/asm/syscall.h
index cfc0672013f6..77f3d300e7a0 100644
--- a/arch/arm64/include/asm/syscall.h
+++ b/arch/arm64/include/asm/syscall.h
@@ -82,6 +82,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
memcpy(®s->regs[1], args, 5 * sizeof(args[0]));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_ARM, AUDIT_ARCH_AARCH64
+};
+
/*
* We don't care about endianness (__AUDIT_ARCH_LE bit) here because
* AArch64 has the same system calls both on little- and big- endian.
diff --git a/arch/c6x/include/asm/syscall.h b/arch/c6x/include/asm/syscall.h
index 38f3e2284ecd..0d78c67ee1fc 100644
--- a/arch/c6x/include/asm/syscall.h
+++ b/arch/c6x/include/asm/syscall.h
@@ -66,10 +66,19 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->a9 = *args;
}
+#ifdef CONFIG_CPU_BIG_ENDIAN
+#define SYSCALL_ARCH AUDIT_ARCH_C6XBE
+#else
+#define SYSCALL_ARCH AUDIT_ARCH_C6X
+#endif
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
- return IS_ENABLED(CONFIG_CPU_BIG_ENDIAN)
- ? AUDIT_ARCH_C6XBE : AUDIT_ARCH_C6X;
+ return SYSCALL_ARCH;
}
#endif /* __ASM_C6X_SYSCALLS_H */
diff --git a/arch/csky/include/asm/syscall.h b/arch/csky/include/asm/syscall.h
index f624fa3bbc22..86242d2850d7 100644
--- a/arch/csky/include/asm/syscall.h
+++ b/arch/csky/include/asm/syscall.h
@@ -68,6 +68,10 @@ syscall_set_arguments(struct task_struct *task, struct pt_regs *regs,
memcpy(®s->a1, args, 5 * sizeof(regs->a1));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_CSKY
+};
+
static inline int
syscall_get_arch(struct task_struct *task)
{
diff --git a/arch/h8300/include/asm/syscall.h b/arch/h8300/include/asm/syscall.h
index 01666b8bb263..775f6ac8fde3 100644
--- a/arch/h8300/include/asm/syscall.h
+++ b/arch/h8300/include/asm/syscall.h
@@ -28,6 +28,10 @@ syscall_get_arguments(struct task_struct *task, struct pt_regs *regs,
*args = regs->er6;
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_H8300
+};
+
static inline int
syscall_get_arch(struct task_struct *task)
{
diff --git a/arch/hexagon/include/asm/syscall.h b/arch/hexagon/include/asm/syscall.h
index f6e454f18038..6ee21a76f6a3 100644
--- a/arch/hexagon/include/asm/syscall.h
+++ b/arch/hexagon/include/asm/syscall.h
@@ -45,6 +45,10 @@ static inline long syscall_get_return_value(struct task_struct *task,
return regs->r00;
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_HEXAGON
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_HEXAGON;
diff --git a/arch/ia64/include/asm/syscall.h b/arch/ia64/include/asm/syscall.h
index 6c6f16e409a8..19456125c89a 100644
--- a/arch/ia64/include/asm/syscall.h
+++ b/arch/ia64/include/asm/syscall.h
@@ -71,6 +71,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
ia64_syscall_get_set_arguments(task, regs, args, 1);
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_IA64
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_IA64;
diff --git a/arch/m68k/include/asm/syscall.h b/arch/m68k/include/asm/syscall.h
index 465ac039be09..031b051f9026 100644
--- a/arch/m68k/include/asm/syscall.h
+++ b/arch/m68k/include/asm/syscall.h
@@ -4,6 +4,10 @@
#include <uapi/linux/audit.h>
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_M68K
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_M68K;
diff --git a/arch/microblaze/include/asm/syscall.h b/arch/microblaze/include/asm/syscall.h
index 3a6924f3cbde..28cde14056d1 100644
--- a/arch/microblaze/include/asm/syscall.h
+++ b/arch/microblaze/include/asm/syscall.h
@@ -105,6 +105,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
asmlinkage unsigned long do_syscall_trace_enter(struct pt_regs *regs);
asmlinkage void do_syscall_trace_leave(struct pt_regs *regs);
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_MICROBLAZE
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_MICROBLAZE;
diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index 25fa651c937d..29e4c1c47c54 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -140,6 +140,22 @@ extern const unsigned long sys_call_table[];
extern const unsigned long sys32_call_table[];
extern const unsigned long sysn32_call_table[];
+static __maybe_unused const int syscall_arches[] = {
+#ifdef __LITTLE_ENDIAN
+ AUDIT_ARCH_MIPSEL,
+# ifdef CONFIG_64BIT
+ AUDIT_ARCH_MIPSEL64,
+ AUDIT_ARCH_MIPSEL64N32,
+# endif /* CONFIG_64BIT */
+#else
+ AUDIT_ARCH_MIPS,
+# ifdef CONFIG_64BIT
+ AUDIT_ARCH_MIPS64,
+ AUDIT_ARCH_MIPS64N32,
+# endif /* CONFIG_64BIT */
+#endif /* __LITTLE_ENDIAN */
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
int arch = AUDIT_ARCH_MIPS;
diff --git a/arch/nds32/include/asm/syscall.h b/arch/nds32/include/asm/syscall.h
index 7b5180d78e20..2dd5e33bcfcb 100644
--- a/arch/nds32/include/asm/syscall.h
+++ b/arch/nds32/include/asm/syscall.h
@@ -154,11 +154,20 @@ syscall_set_arguments(struct task_struct *task, struct pt_regs *regs,
memcpy(®s->uregs[0] + 1, args, 5 * sizeof(args[0]));
}
+#ifdef CONFIG_CPU_BIG_ENDIAN
+#define SYSCALL_ARCH AUDIT_ARCH_NDS32BE
+#else
+#define SYSCALL_ARCH AUDIT_ARCH_NDS32
+#endif
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
static inline int
syscall_get_arch(struct task_struct *task)
{
- return IS_ENABLED(CONFIG_CPU_BIG_ENDIAN)
- ? AUDIT_ARCH_NDS32BE : AUDIT_ARCH_NDS32;
+ return SYSCALL_ARCH;
}
#endif /* _ASM_NDS32_SYSCALL_H */
diff --git a/arch/nios2/include/asm/syscall.h b/arch/nios2/include/asm/syscall.h
index 526449edd768..8fa2716cac5a 100644
--- a/arch/nios2/include/asm/syscall.h
+++ b/arch/nios2/include/asm/syscall.h
@@ -69,6 +69,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->r9 = *args;
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_NIOS2
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_NIOS2;
diff --git a/arch/openrisc/include/asm/syscall.h b/arch/openrisc/include/asm/syscall.h
index e6383be2a195..4eb28ad08042 100644
--- a/arch/openrisc/include/asm/syscall.h
+++ b/arch/openrisc/include/asm/syscall.h
@@ -64,6 +64,10 @@ syscall_set_arguments(struct task_struct *task, struct pt_regs *regs,
memcpy(®s->gpr[3], args, 6 * sizeof(args[0]));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_OPENRISC
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_OPENRISC;
diff --git a/arch/parisc/include/asm/syscall.h b/arch/parisc/include/asm/syscall.h
index 00b127a5e09b..2915f140c9fd 100644
--- a/arch/parisc/include/asm/syscall.h
+++ b/arch/parisc/include/asm/syscall.h
@@ -55,6 +55,13 @@ static inline void syscall_rollback(struct task_struct *task,
/* do nothing */
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_PARISC,
+#ifdef CONFIG_64BIT
+ AUDIT_ARCH_PARISC64,
+#endif
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
int arch = AUDIT_ARCH_PARISC;
diff --git a/arch/powerpc/include/asm/syscall.h b/arch/powerpc/include/asm/syscall.h
index fd1b518eed17..781deb211e3d 100644
--- a/arch/powerpc/include/asm/syscall.h
+++ b/arch/powerpc/include/asm/syscall.h
@@ -104,6 +104,20 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->orig_gpr3 = args[0];
}
+static __maybe_unused const int syscall_arches[] = {
+#ifdef __LITTLE_ENDIAN__
+ AUDIT_ARCH_PPC | __AUDIT_ARCH_LE,
+# ifdef CONFIG_PPC64
+ AUDIT_ARCH_PPC64LE,
+# endif /* CONFIG_PPC64 */
+#else
+ AUDIT_ARCH_PPC,
+# ifdef CONFIG_PPC64
+ AUDIT_ARCH_PPC64,
+# endif /* CONFIG_PPC64 */
+#endif /* __LITTLE_ENDIAN__ */
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
int arch;
diff --git a/arch/riscv/include/asm/syscall.h b/arch/riscv/include/asm/syscall.h
index 49350c8bd7b0..4b36d358243e 100644
--- a/arch/riscv/include/asm/syscall.h
+++ b/arch/riscv/include/asm/syscall.h
@@ -73,13 +73,19 @@ static inline void syscall_set_arguments(struct task_struct *task,
memcpy(®s->a1, args, 5 * sizeof(regs->a1));
}
-static inline int syscall_get_arch(struct task_struct *task)
-{
#ifdef CONFIG_64BIT
- return AUDIT_ARCH_RISCV64;
+#define SYSCALL_ARCH AUDIT_ARCH_RISCV64
#else
- return AUDIT_ARCH_RISCV32;
+#define SYSCALL_ARCH AUDIT_ARCH_RISCV32
#endif
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
+static inline int syscall_get_arch(struct task_struct *task)
+{
+ return SYSCALL_ARCH;
}
#endif /* _ASM_RISCV_SYSCALL_H */
diff --git a/arch/s390/include/asm/syscall.h b/arch/s390/include/asm/syscall.h
index d9d5de0f67ff..4cb9da36610a 100644
--- a/arch/s390/include/asm/syscall.h
+++ b/arch/s390/include/asm/syscall.h
@@ -89,6 +89,13 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->orig_gpr2 = args[0];
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_S390X,
+#ifdef CONFIG_COMPAT
+ AUDIT_ARCH_S390,
+#endif
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
#ifdef CONFIG_COMPAT
diff --git a/arch/sh/include/asm/syscall_32.h b/arch/sh/include/asm/syscall_32.h
index cb51a7528384..4780f2339c72 100644
--- a/arch/sh/include/asm/syscall_32.h
+++ b/arch/sh/include/asm/syscall_32.h
@@ -69,13 +69,18 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->regs[4] = args[0];
}
-static inline int syscall_get_arch(struct task_struct *task)
-{
- int arch = AUDIT_ARCH_SH;
-
#ifdef CONFIG_CPU_LITTLE_ENDIAN
- arch |= __AUDIT_ARCH_LE;
+#define SYSCALL_ARCH AUDIT_ARCH_SHEL
+#else
+#define SYSCALL_ARCH AUDIT_ARCH_SH
#endif
- return arch;
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
+static inline int syscall_get_arch(struct task_struct *task)
+{
+ return SYSCALL_ARCH;
}
#endif /* __ASM_SH_SYSCALL_32_H */
diff --git a/arch/sparc/include/asm/syscall.h b/arch/sparc/include/asm/syscall.h
index 62a5a78804c4..a458992cdcfe 100644
--- a/arch/sparc/include/asm/syscall.h
+++ b/arch/sparc/include/asm/syscall.h
@@ -127,6 +127,15 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->u_regs[UREG_I0 + i] = args[i];
}
+static __maybe_unused const int syscall_arches[] = {
+#ifdef CONFIG_SPARC64
+ AUDIT_ARCH_SPARC64,
+#endif
+#if !defined(CONFIG_SPARC64) || defined(CONFIG_COMPAT)
+ AUDIT_ARCH_SPARC,
+#endif
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
#if defined(CONFIG_SPARC64) && defined(CONFIG_COMPAT)
diff --git a/arch/x86/include/asm/syscall.h b/arch/x86/include/asm/syscall.h
index 7cbf733d11af..e13bb2a65b6f 100644
--- a/arch/x86/include/asm/syscall.h
+++ b/arch/x86/include/asm/syscall.h
@@ -97,6 +97,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
memcpy(®s->bx + i, args, n * sizeof(args[0]));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_I386
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_I386;
@@ -152,6 +156,13 @@ static inline void syscall_set_arguments(struct task_struct *task,
}
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_X86_64,
+#ifdef CONFIG_IA32_EMULATION
+ AUDIT_ARCH_I386,
+#endif
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
/* x32 tasks should be considered AUDIT_ARCH_X86_64. */
diff --git a/arch/x86/um/asm/syscall.h b/arch/x86/um/asm/syscall.h
index 56a2f0913e3c..590a31e22b99 100644
--- a/arch/x86/um/asm/syscall.h
+++ b/arch/x86/um/asm/syscall.h
@@ -9,13 +9,19 @@ typedef asmlinkage long (*sys_call_ptr_t)(unsigned long, unsigned long,
unsigned long, unsigned long,
unsigned long, unsigned long);
-static inline int syscall_get_arch(struct task_struct *task)
-{
#ifdef CONFIG_X86_32
- return AUDIT_ARCH_I386;
+#define SYSCALL_ARCH AUDIT_ARCH_I386
#else
- return AUDIT_ARCH_X86_64;
+#define SYSCALL_ARCH AUDIT_ARCH_X86_64
#endif
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
+static inline int syscall_get_arch(struct task_struct *task)
+{
+ return SYSCALL_ARCH;
}
#endif /* __UM_ASM_SYSCALL_H */
diff --git a/arch/xtensa/include/asm/syscall.h b/arch/xtensa/include/asm/syscall.h
index f9a671cbf933..3d334fb0d329 100644
--- a/arch/xtensa/include/asm/syscall.h
+++ b/arch/xtensa/include/asm/syscall.h
@@ -14,6 +14,10 @@
#include <asm/ptrace.h>
#include <uapi/linux/audit.h>
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_XTENSA
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_XTENSA;
--
2.28.0
_______________________________________________
Containers mailing list
Containers@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/containers
WARNING: multiple messages have this Message-ID (diff)
From: YiFei Zhu <zhuyifei1999@gmail.com>
To: containers@lists.linux-foundation.org
Cc: YiFei Zhu <yifeifz2@illinois.edu>,
bpf@vger.kernel.org, linux-kernel@vger.kernel.org,
Aleksa Sarai <cyphar@cyphar.com>,
Andrea Arcangeli <aarcange@redhat.com>,
Andy Lutomirski <luto@amacapital.net>,
Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
Giuseppe Scrivano <gscrivan@redhat.com>,
Hubertus Franke <frankeh@us.ibm.com>,
Jack Chen <jianyan2@illinois.edu>, Jann Horn <jannh@google.com>,
Josep Torrellas <torrella@illinois.edu>,
Kees Cook <keescook@chromium.org>, Tianyin Xu <tyxu@illinois.edu>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Tycho Andersen <tycho@tycho.pizza>,
Valentin Rothberg <vrothber@redhat.com>,
Will Drewry <wad@chromium.org>
Subject: [PATCH seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
Date: Thu, 24 Sep 2020 07:06:42 -0500 [thread overview]
Message-ID: <20bbc8ed4b9f2c83d0f67f37955eb2d789268525.1600946701.git.yifeifz2@illinois.edu> (raw)
In-Reply-To: <cover.1600946701.git.yifeifz2@illinois.edu>
From: YiFei Zhu <yifeifz2@illinois.edu>
Seccomp cache emulator needs to know all the architecture numbers
that syscall_get_arch() could return for the kernel build in order
to generate a cache for all of them.
The array is declared in header as static __maybe_unused const
to maximize compiler optimiation opportunities such as loop
unrolling.
Signed-off-by: YiFei Zhu <yifeifz2@illinois.edu>
---
arch/alpha/include/asm/syscall.h | 4 ++++
arch/arc/include/asm/syscall.h | 24 +++++++++++++++++++-----
arch/arm/include/asm/syscall.h | 4 ++++
arch/arm64/include/asm/syscall.h | 4 ++++
arch/c6x/include/asm/syscall.h | 13 +++++++++++--
arch/csky/include/asm/syscall.h | 4 ++++
arch/h8300/include/asm/syscall.h | 4 ++++
arch/hexagon/include/asm/syscall.h | 4 ++++
arch/ia64/include/asm/syscall.h | 4 ++++
arch/m68k/include/asm/syscall.h | 4 ++++
arch/microblaze/include/asm/syscall.h | 4 ++++
arch/mips/include/asm/syscall.h | 16 ++++++++++++++++
arch/nds32/include/asm/syscall.h | 13 +++++++++++--
arch/nios2/include/asm/syscall.h | 4 ++++
arch/openrisc/include/asm/syscall.h | 4 ++++
arch/parisc/include/asm/syscall.h | 7 +++++++
arch/powerpc/include/asm/syscall.h | 14 ++++++++++++++
arch/riscv/include/asm/syscall.h | 14 ++++++++++----
arch/s390/include/asm/syscall.h | 7 +++++++
arch/sh/include/asm/syscall_32.h | 17 +++++++++++------
arch/sparc/include/asm/syscall.h | 9 +++++++++
arch/x86/include/asm/syscall.h | 11 +++++++++++
arch/x86/um/asm/syscall.h | 14 ++++++++++----
arch/xtensa/include/asm/syscall.h | 4 ++++
24 files changed, 184 insertions(+), 23 deletions(-)
diff --git a/arch/alpha/include/asm/syscall.h b/arch/alpha/include/asm/syscall.h
index 11c688c1d7ec..625ac9b23f37 100644
--- a/arch/alpha/include/asm/syscall.h
+++ b/arch/alpha/include/asm/syscall.h
@@ -4,6 +4,10 @@
#include <uapi/linux/audit.h>
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_ALPHA
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_ALPHA;
diff --git a/arch/arc/include/asm/syscall.h b/arch/arc/include/asm/syscall.h
index 94529e89dff0..899c13cbf5cc 100644
--- a/arch/arc/include/asm/syscall.h
+++ b/arch/arc/include/asm/syscall.h
@@ -65,14 +65,28 @@ syscall_get_arguments(struct task_struct *task, struct pt_regs *regs,
}
}
+#ifdef CONFIG_ISA_ARCOMPACT
+# ifdef CONFIG_CPU_BIG_ENDIAN
+# define SYSCALL_ARCH AUDIT_ARCH_ARCOMPACTBE
+# else
+# define SYSCALL_ARCH AUDIT_ARCH_ARCOMPACT
+# endif /* CONFIG_CPU_BIG_ENDIAN */
+#else
+# ifdef CONFIG_CPU_BIG_ENDIAN
+# define SYSCALL_ARCH AUDIT_ARCH_ARCV2BE
+# else
+# define SYSCALL_ARCH AUDIT_ARCH_ARCV2
+# endif /* CONFIG_CPU_BIG_ENDIAN */
+#endif /* CONFIG_ISA_ARCOMPACT */
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
static inline int
syscall_get_arch(struct task_struct *task)
{
- return IS_ENABLED(CONFIG_ISA_ARCOMPACT)
- ? (IS_ENABLED(CONFIG_CPU_BIG_ENDIAN)
- ? AUDIT_ARCH_ARCOMPACTBE : AUDIT_ARCH_ARCOMPACT)
- : (IS_ENABLED(CONFIG_CPU_BIG_ENDIAN)
- ? AUDIT_ARCH_ARCV2BE : AUDIT_ARCH_ARCV2);
+ return SYSCALL_ARCH;
}
#endif
diff --git a/arch/arm/include/asm/syscall.h b/arch/arm/include/asm/syscall.h
index fd02761ba06c..33ade26e3956 100644
--- a/arch/arm/include/asm/syscall.h
+++ b/arch/arm/include/asm/syscall.h
@@ -73,6 +73,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
memcpy(®s->ARM_r0 + 1, args, 5 * sizeof(args[0]));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_ARM
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
/* ARM tasks don't change audit architectures on the fly. */
diff --git a/arch/arm64/include/asm/syscall.h b/arch/arm64/include/asm/syscall.h
index cfc0672013f6..77f3d300e7a0 100644
--- a/arch/arm64/include/asm/syscall.h
+++ b/arch/arm64/include/asm/syscall.h
@@ -82,6 +82,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
memcpy(®s->regs[1], args, 5 * sizeof(args[0]));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_ARM, AUDIT_ARCH_AARCH64
+};
+
/*
* We don't care about endianness (__AUDIT_ARCH_LE bit) here because
* AArch64 has the same system calls both on little- and big- endian.
diff --git a/arch/c6x/include/asm/syscall.h b/arch/c6x/include/asm/syscall.h
index 38f3e2284ecd..0d78c67ee1fc 100644
--- a/arch/c6x/include/asm/syscall.h
+++ b/arch/c6x/include/asm/syscall.h
@@ -66,10 +66,19 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->a9 = *args;
}
+#ifdef CONFIG_CPU_BIG_ENDIAN
+#define SYSCALL_ARCH AUDIT_ARCH_C6XBE
+#else
+#define SYSCALL_ARCH AUDIT_ARCH_C6X
+#endif
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
- return IS_ENABLED(CONFIG_CPU_BIG_ENDIAN)
- ? AUDIT_ARCH_C6XBE : AUDIT_ARCH_C6X;
+ return SYSCALL_ARCH;
}
#endif /* __ASM_C6X_SYSCALLS_H */
diff --git a/arch/csky/include/asm/syscall.h b/arch/csky/include/asm/syscall.h
index f624fa3bbc22..86242d2850d7 100644
--- a/arch/csky/include/asm/syscall.h
+++ b/arch/csky/include/asm/syscall.h
@@ -68,6 +68,10 @@ syscall_set_arguments(struct task_struct *task, struct pt_regs *regs,
memcpy(®s->a1, args, 5 * sizeof(regs->a1));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_CSKY
+};
+
static inline int
syscall_get_arch(struct task_struct *task)
{
diff --git a/arch/h8300/include/asm/syscall.h b/arch/h8300/include/asm/syscall.h
index 01666b8bb263..775f6ac8fde3 100644
--- a/arch/h8300/include/asm/syscall.h
+++ b/arch/h8300/include/asm/syscall.h
@@ -28,6 +28,10 @@ syscall_get_arguments(struct task_struct *task, struct pt_regs *regs,
*args = regs->er6;
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_H8300
+};
+
static inline int
syscall_get_arch(struct task_struct *task)
{
diff --git a/arch/hexagon/include/asm/syscall.h b/arch/hexagon/include/asm/syscall.h
index f6e454f18038..6ee21a76f6a3 100644
--- a/arch/hexagon/include/asm/syscall.h
+++ b/arch/hexagon/include/asm/syscall.h
@@ -45,6 +45,10 @@ static inline long syscall_get_return_value(struct task_struct *task,
return regs->r00;
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_HEXAGON
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_HEXAGON;
diff --git a/arch/ia64/include/asm/syscall.h b/arch/ia64/include/asm/syscall.h
index 6c6f16e409a8..19456125c89a 100644
--- a/arch/ia64/include/asm/syscall.h
+++ b/arch/ia64/include/asm/syscall.h
@@ -71,6 +71,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
ia64_syscall_get_set_arguments(task, regs, args, 1);
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_IA64
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_IA64;
diff --git a/arch/m68k/include/asm/syscall.h b/arch/m68k/include/asm/syscall.h
index 465ac039be09..031b051f9026 100644
--- a/arch/m68k/include/asm/syscall.h
+++ b/arch/m68k/include/asm/syscall.h
@@ -4,6 +4,10 @@
#include <uapi/linux/audit.h>
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_M68K
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_M68K;
diff --git a/arch/microblaze/include/asm/syscall.h b/arch/microblaze/include/asm/syscall.h
index 3a6924f3cbde..28cde14056d1 100644
--- a/arch/microblaze/include/asm/syscall.h
+++ b/arch/microblaze/include/asm/syscall.h
@@ -105,6 +105,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
asmlinkage unsigned long do_syscall_trace_enter(struct pt_regs *regs);
asmlinkage void do_syscall_trace_leave(struct pt_regs *regs);
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_MICROBLAZE
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_MICROBLAZE;
diff --git a/arch/mips/include/asm/syscall.h b/arch/mips/include/asm/syscall.h
index 25fa651c937d..29e4c1c47c54 100644
--- a/arch/mips/include/asm/syscall.h
+++ b/arch/mips/include/asm/syscall.h
@@ -140,6 +140,22 @@ extern const unsigned long sys_call_table[];
extern const unsigned long sys32_call_table[];
extern const unsigned long sysn32_call_table[];
+static __maybe_unused const int syscall_arches[] = {
+#ifdef __LITTLE_ENDIAN
+ AUDIT_ARCH_MIPSEL,
+# ifdef CONFIG_64BIT
+ AUDIT_ARCH_MIPSEL64,
+ AUDIT_ARCH_MIPSEL64N32,
+# endif /* CONFIG_64BIT */
+#else
+ AUDIT_ARCH_MIPS,
+# ifdef CONFIG_64BIT
+ AUDIT_ARCH_MIPS64,
+ AUDIT_ARCH_MIPS64N32,
+# endif /* CONFIG_64BIT */
+#endif /* __LITTLE_ENDIAN */
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
int arch = AUDIT_ARCH_MIPS;
diff --git a/arch/nds32/include/asm/syscall.h b/arch/nds32/include/asm/syscall.h
index 7b5180d78e20..2dd5e33bcfcb 100644
--- a/arch/nds32/include/asm/syscall.h
+++ b/arch/nds32/include/asm/syscall.h
@@ -154,11 +154,20 @@ syscall_set_arguments(struct task_struct *task, struct pt_regs *regs,
memcpy(®s->uregs[0] + 1, args, 5 * sizeof(args[0]));
}
+#ifdef CONFIG_CPU_BIG_ENDIAN
+#define SYSCALL_ARCH AUDIT_ARCH_NDS32BE
+#else
+#define SYSCALL_ARCH AUDIT_ARCH_NDS32
+#endif
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
static inline int
syscall_get_arch(struct task_struct *task)
{
- return IS_ENABLED(CONFIG_CPU_BIG_ENDIAN)
- ? AUDIT_ARCH_NDS32BE : AUDIT_ARCH_NDS32;
+ return SYSCALL_ARCH;
}
#endif /* _ASM_NDS32_SYSCALL_H */
diff --git a/arch/nios2/include/asm/syscall.h b/arch/nios2/include/asm/syscall.h
index 526449edd768..8fa2716cac5a 100644
--- a/arch/nios2/include/asm/syscall.h
+++ b/arch/nios2/include/asm/syscall.h
@@ -69,6 +69,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->r9 = *args;
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_NIOS2
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_NIOS2;
diff --git a/arch/openrisc/include/asm/syscall.h b/arch/openrisc/include/asm/syscall.h
index e6383be2a195..4eb28ad08042 100644
--- a/arch/openrisc/include/asm/syscall.h
+++ b/arch/openrisc/include/asm/syscall.h
@@ -64,6 +64,10 @@ syscall_set_arguments(struct task_struct *task, struct pt_regs *regs,
memcpy(®s->gpr[3], args, 6 * sizeof(args[0]));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_OPENRISC
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_OPENRISC;
diff --git a/arch/parisc/include/asm/syscall.h b/arch/parisc/include/asm/syscall.h
index 00b127a5e09b..2915f140c9fd 100644
--- a/arch/parisc/include/asm/syscall.h
+++ b/arch/parisc/include/asm/syscall.h
@@ -55,6 +55,13 @@ static inline void syscall_rollback(struct task_struct *task,
/* do nothing */
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_PARISC,
+#ifdef CONFIG_64BIT
+ AUDIT_ARCH_PARISC64,
+#endif
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
int arch = AUDIT_ARCH_PARISC;
diff --git a/arch/powerpc/include/asm/syscall.h b/arch/powerpc/include/asm/syscall.h
index fd1b518eed17..781deb211e3d 100644
--- a/arch/powerpc/include/asm/syscall.h
+++ b/arch/powerpc/include/asm/syscall.h
@@ -104,6 +104,20 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->orig_gpr3 = args[0];
}
+static __maybe_unused const int syscall_arches[] = {
+#ifdef __LITTLE_ENDIAN__
+ AUDIT_ARCH_PPC | __AUDIT_ARCH_LE,
+# ifdef CONFIG_PPC64
+ AUDIT_ARCH_PPC64LE,
+# endif /* CONFIG_PPC64 */
+#else
+ AUDIT_ARCH_PPC,
+# ifdef CONFIG_PPC64
+ AUDIT_ARCH_PPC64,
+# endif /* CONFIG_PPC64 */
+#endif /* __LITTLE_ENDIAN__ */
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
int arch;
diff --git a/arch/riscv/include/asm/syscall.h b/arch/riscv/include/asm/syscall.h
index 49350c8bd7b0..4b36d358243e 100644
--- a/arch/riscv/include/asm/syscall.h
+++ b/arch/riscv/include/asm/syscall.h
@@ -73,13 +73,19 @@ static inline void syscall_set_arguments(struct task_struct *task,
memcpy(®s->a1, args, 5 * sizeof(regs->a1));
}
-static inline int syscall_get_arch(struct task_struct *task)
-{
#ifdef CONFIG_64BIT
- return AUDIT_ARCH_RISCV64;
+#define SYSCALL_ARCH AUDIT_ARCH_RISCV64
#else
- return AUDIT_ARCH_RISCV32;
+#define SYSCALL_ARCH AUDIT_ARCH_RISCV32
#endif
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
+static inline int syscall_get_arch(struct task_struct *task)
+{
+ return SYSCALL_ARCH;
}
#endif /* _ASM_RISCV_SYSCALL_H */
diff --git a/arch/s390/include/asm/syscall.h b/arch/s390/include/asm/syscall.h
index d9d5de0f67ff..4cb9da36610a 100644
--- a/arch/s390/include/asm/syscall.h
+++ b/arch/s390/include/asm/syscall.h
@@ -89,6 +89,13 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->orig_gpr2 = args[0];
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_S390X,
+#ifdef CONFIG_COMPAT
+ AUDIT_ARCH_S390,
+#endif
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
#ifdef CONFIG_COMPAT
diff --git a/arch/sh/include/asm/syscall_32.h b/arch/sh/include/asm/syscall_32.h
index cb51a7528384..4780f2339c72 100644
--- a/arch/sh/include/asm/syscall_32.h
+++ b/arch/sh/include/asm/syscall_32.h
@@ -69,13 +69,18 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->regs[4] = args[0];
}
-static inline int syscall_get_arch(struct task_struct *task)
-{
- int arch = AUDIT_ARCH_SH;
-
#ifdef CONFIG_CPU_LITTLE_ENDIAN
- arch |= __AUDIT_ARCH_LE;
+#define SYSCALL_ARCH AUDIT_ARCH_SHEL
+#else
+#define SYSCALL_ARCH AUDIT_ARCH_SH
#endif
- return arch;
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
+static inline int syscall_get_arch(struct task_struct *task)
+{
+ return SYSCALL_ARCH;
}
#endif /* __ASM_SH_SYSCALL_32_H */
diff --git a/arch/sparc/include/asm/syscall.h b/arch/sparc/include/asm/syscall.h
index 62a5a78804c4..a458992cdcfe 100644
--- a/arch/sparc/include/asm/syscall.h
+++ b/arch/sparc/include/asm/syscall.h
@@ -127,6 +127,15 @@ static inline void syscall_set_arguments(struct task_struct *task,
regs->u_regs[UREG_I0 + i] = args[i];
}
+static __maybe_unused const int syscall_arches[] = {
+#ifdef CONFIG_SPARC64
+ AUDIT_ARCH_SPARC64,
+#endif
+#if !defined(CONFIG_SPARC64) || defined(CONFIG_COMPAT)
+ AUDIT_ARCH_SPARC,
+#endif
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
#if defined(CONFIG_SPARC64) && defined(CONFIG_COMPAT)
diff --git a/arch/x86/include/asm/syscall.h b/arch/x86/include/asm/syscall.h
index 7cbf733d11af..e13bb2a65b6f 100644
--- a/arch/x86/include/asm/syscall.h
+++ b/arch/x86/include/asm/syscall.h
@@ -97,6 +97,10 @@ static inline void syscall_set_arguments(struct task_struct *task,
memcpy(®s->bx + i, args, n * sizeof(args[0]));
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_I386
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_I386;
@@ -152,6 +156,13 @@ static inline void syscall_set_arguments(struct task_struct *task,
}
}
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_X86_64,
+#ifdef CONFIG_IA32_EMULATION
+ AUDIT_ARCH_I386,
+#endif
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
/* x32 tasks should be considered AUDIT_ARCH_X86_64. */
diff --git a/arch/x86/um/asm/syscall.h b/arch/x86/um/asm/syscall.h
index 56a2f0913e3c..590a31e22b99 100644
--- a/arch/x86/um/asm/syscall.h
+++ b/arch/x86/um/asm/syscall.h
@@ -9,13 +9,19 @@ typedef asmlinkage long (*sys_call_ptr_t)(unsigned long, unsigned long,
unsigned long, unsigned long,
unsigned long, unsigned long);
-static inline int syscall_get_arch(struct task_struct *task)
-{
#ifdef CONFIG_X86_32
- return AUDIT_ARCH_I386;
+#define SYSCALL_ARCH AUDIT_ARCH_I386
#else
- return AUDIT_ARCH_X86_64;
+#define SYSCALL_ARCH AUDIT_ARCH_X86_64
#endif
+
+static __maybe_unused const int syscall_arches[] = {
+ SYSCALL_ARCH
+};
+
+static inline int syscall_get_arch(struct task_struct *task)
+{
+ return SYSCALL_ARCH;
}
#endif /* __UM_ASM_SYSCALL_H */
diff --git a/arch/xtensa/include/asm/syscall.h b/arch/xtensa/include/asm/syscall.h
index f9a671cbf933..3d334fb0d329 100644
--- a/arch/xtensa/include/asm/syscall.h
+++ b/arch/xtensa/include/asm/syscall.h
@@ -14,6 +14,10 @@
#include <asm/ptrace.h>
#include <uapi/linux/audit.h>
+static __maybe_unused const int syscall_arches[] = {
+ AUDIT_ARCH_XTENSA
+};
+
static inline int syscall_get_arch(struct task_struct *task)
{
return AUDIT_ARCH_XTENSA;
--
2.28.0
next prev parent reply other threads:[~2020-09-24 12:07 UTC|newest]
Thread overview: 302+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-21 5:35 [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls YiFei Zhu
2020-09-21 5:35 ` YiFei Zhu
2020-09-21 5:35 ` [RFC PATCH seccomp 1/2] seccomp/cache: Add "emulator" to check if filter is arg-dependent YiFei Zhu
2020-09-21 5:35 ` YiFei Zhu
2020-09-21 17:47 ` Jann Horn via Containers
2020-09-21 17:47 ` Jann Horn
2020-09-21 18:38 ` Jann Horn via Containers
2020-09-21 18:38 ` Jann Horn
2020-09-21 23:44 ` YiFei Zhu
2020-09-21 23:44 ` YiFei Zhu
2020-09-22 0:25 ` Jann Horn via Containers
2020-09-22 0:25 ` Jann Horn
2020-09-22 0:47 ` YiFei Zhu
2020-09-22 0:47 ` YiFei Zhu
2020-09-21 5:35 ` [RFC PATCH seccomp 2/2] seccomp/cache: Cache filter results that allow syscalls YiFei Zhu
2020-09-21 5:35 ` YiFei Zhu
2020-09-21 18:08 ` Jann Horn via Containers
2020-09-21 18:08 ` Jann Horn
2020-09-21 22:50 ` YiFei Zhu
2020-09-21 22:50 ` YiFei Zhu
2020-09-21 22:57 ` Jann Horn via Containers
2020-09-21 22:57 ` Jann Horn
2020-09-21 23:08 ` YiFei Zhu
2020-09-21 23:08 ` YiFei Zhu
2020-09-25 0:01 ` [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array Kees Cook
2020-09-25 0:01 ` Kees Cook
2020-09-25 0:15 ` Jann Horn via Containers
2020-09-25 0:15 ` Jann Horn
2020-09-25 0:18 ` Al Viro
2020-09-25 0:18 ` Al Viro
2020-09-25 0:24 ` Jann Horn via Containers
2020-09-25 0:24 ` Jann Horn
2020-09-25 1:27 ` YiFei Zhu
2020-09-25 1:27 ` YiFei Zhu
2020-09-25 3:09 ` Kees Cook
2020-09-25 3:09 ` Kees Cook
2020-09-25 3:28 ` YiFei Zhu
2020-09-25 3:28 ` YiFei Zhu
2020-09-25 16:39 ` YiFei Zhu
2020-09-25 16:39 ` YiFei Zhu
2020-09-21 5:48 ` [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls Sargun Dhillon
2020-09-21 5:48 ` Sargun Dhillon
2020-09-21 7:13 ` YiFei Zhu
2020-09-21 7:13 ` YiFei Zhu
2020-09-21 8:30 ` Christian Brauner
2020-09-21 8:30 ` Christian Brauner
2020-09-21 8:44 ` YiFei Zhu
2020-09-21 8:44 ` YiFei Zhu
2020-09-21 13:51 ` Tycho Andersen
2020-09-21 13:51 ` Tycho Andersen
2020-09-21 15:27 ` YiFei Zhu
2020-09-21 15:27 ` YiFei Zhu
2020-09-21 16:39 ` Tycho Andersen
2020-09-21 16:39 ` Tycho Andersen
2020-09-21 22:57 ` YiFei Zhu
2020-09-21 22:57 ` YiFei Zhu
2020-09-21 19:16 ` Jann Horn via Containers
2020-09-21 19:16 ` Jann Horn
2020-09-21 19:35 ` Hubertus Franke
2020-09-21 19:45 ` Jann Horn via Containers
2020-09-21 19:45 ` Jann Horn
2020-09-23 19:26 ` Kees Cook
2020-09-23 19:26 ` Kees Cook
2020-09-23 22:54 ` YiFei Zhu
2020-09-23 22:54 ` YiFei Zhu
2020-09-24 6:52 ` Kees Cook
2020-09-24 6:52 ` Kees Cook
2020-09-24 12:06 ` [PATCH seccomp 0/6] " YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 1/6] seccomp: Move config option SECCOMP to arch/Kconfig YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu [this message]
2020-09-24 12:06 ` [PATCH seccomp 2/6] asm/syscall.h: Add syscall_arches[] array YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 4/6] seccomp/cache: Lookup syscall allowlist for fast path YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 5/6] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:06 ` [PATCH seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-09-24 12:06 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 0/6] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 1/6] seccomp: Move config option SECCOMP to arch/Kconfig YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 19:11 ` Kees Cook
2020-09-24 19:11 ` Kees Cook
2020-10-27 9:52 ` Geert Uytterhoeven
2020-10-27 9:52 ` Geert Uytterhoeven
2020-10-27 19:08 ` YiFei Zhu
2020-10-27 19:08 ` YiFei Zhu
2020-10-28 0:06 ` Kees Cook
2020-10-28 0:06 ` Kees Cook
2020-10-28 8:18 ` Geert Uytterhoeven
2020-10-28 8:18 ` Geert Uytterhoeven
2020-10-28 9:34 ` Jann Horn via Containers
2020-10-28 9:34 ` Jann Horn
2020-09-24 12:44 ` [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 13:47 ` David Laight
2020-09-24 13:47 ` David Laight
2020-09-24 14:16 ` YiFei Zhu
2020-09-24 14:16 ` YiFei Zhu
2020-09-24 14:20 ` David Laight
2020-09-24 14:20 ` David Laight
2020-09-24 14:37 ` YiFei Zhu
2020-09-24 14:37 ` YiFei Zhu
2020-09-24 16:02 ` YiFei Zhu
2020-09-24 16:02 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 23:25 ` Kees Cook
2020-09-24 23:25 ` Kees Cook
2020-09-25 3:04 ` YiFei Zhu
2020-09-25 3:04 ` YiFei Zhu
2020-09-25 16:45 ` YiFei Zhu
2020-09-25 16:45 ` YiFei Zhu
2020-09-25 19:42 ` Kees Cook
2020-09-25 19:42 ` Kees Cook
2020-09-25 19:51 ` Andy Lutomirski
2020-09-25 19:51 ` Andy Lutomirski
2020-09-25 20:37 ` Kees Cook
2020-09-25 20:37 ` Kees Cook
2020-09-25 21:07 ` Andy Lutomirski
2020-09-25 21:07 ` Andy Lutomirski
2020-09-25 23:49 ` Kees Cook
2020-09-25 23:49 ` Kees Cook
2020-09-26 0:34 ` Andy Lutomirski
2020-09-26 0:34 ` Andy Lutomirski
2020-09-26 1:23 ` YiFei Zhu
2020-09-26 1:23 ` YiFei Zhu
2020-09-26 2:47 ` Andy Lutomirski
2020-09-26 2:47 ` Andy Lutomirski
2020-09-26 4:35 ` Kees Cook
2020-09-26 4:35 ` Kees Cook
2020-09-24 12:44 ` [PATCH v2 seccomp 4/6] seccomp/cache: Lookup syscall allowlist for fast path YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 23:46 ` Kees Cook
2020-09-24 23:46 ` Kees Cook
2020-09-25 1:55 ` YiFei Zhu
2020-09-25 1:55 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 5/6] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 23:47 ` Kees Cook
2020-09-24 23:47 ` Kees Cook
2020-09-25 1:35 ` YiFei Zhu
2020-09-25 1:35 ` YiFei Zhu
2020-09-24 12:44 ` [PATCH v2 seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-09-24 12:44 ` YiFei Zhu
2020-09-24 23:56 ` Kees Cook
2020-09-24 23:56 ` Kees Cook
2020-09-25 3:11 ` YiFei Zhu
2020-09-25 3:11 ` YiFei Zhu
2020-09-25 3:26 ` Kees Cook
2020-09-25 3:26 ` Kees Cook
2020-09-30 15:19 ` [PATCH v3 seccomp 0/5] seccomp: Add bitmap cache of constant allow filter results YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 15:19 ` [PATCH v3 seccomp 1/5] x86: Enable seccomp architecture tracking YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 21:21 ` Kees Cook
2020-09-30 21:21 ` Kees Cook
2020-09-30 21:33 ` Jann Horn via Containers
2020-09-30 21:33 ` Jann Horn
2020-09-30 22:53 ` Kees Cook
2020-09-30 22:53 ` Kees Cook
2020-09-30 23:15 ` Jann Horn via Containers
2020-09-30 23:15 ` Jann Horn
2020-09-30 15:19 ` [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 22:24 ` Jann Horn via Containers
2020-09-30 22:24 ` Jann Horn
2020-09-30 22:49 ` Kees Cook
2020-09-30 22:49 ` Kees Cook
2020-10-01 11:28 ` YiFei Zhu
2020-10-01 11:28 ` YiFei Zhu
2020-10-01 21:08 ` Jann Horn via Containers
2020-10-01 21:08 ` Jann Horn
2020-09-30 22:40 ` Kees Cook
2020-09-30 22:40 ` Kees Cook
2020-10-01 11:52 ` YiFei Zhu
2020-10-01 11:52 ` YiFei Zhu
2020-10-01 21:05 ` Kees Cook
2020-10-01 21:05 ` Kees Cook
2020-10-02 11:08 ` YiFei Zhu
2020-10-02 11:08 ` YiFei Zhu
2020-10-09 4:47 ` YiFei Zhu
2020-10-09 4:47 ` YiFei Zhu
2020-10-09 5:41 ` Kees Cook
2020-10-09 5:41 ` Kees Cook
2020-09-30 15:19 ` [PATCH v3 seccomp 3/5] seccomp/cache: Lookup syscall allowlist for fast path YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 21:32 ` Kees Cook
2020-09-30 21:32 ` Kees Cook
2020-10-09 0:17 ` YiFei Zhu
2020-10-09 0:17 ` YiFei Zhu
2020-10-09 5:35 ` Kees Cook
2020-10-09 5:35 ` Kees Cook
2020-09-30 15:19 ` [PATCH v3 seccomp 4/5] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 15:19 ` [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-09-30 15:19 ` YiFei Zhu
2020-09-30 22:00 ` Jann Horn via Containers
2020-09-30 22:00 ` Jann Horn
2020-09-30 23:12 ` Kees Cook
2020-09-30 23:12 ` Kees Cook
2020-10-01 12:06 ` YiFei Zhu
2020-10-01 12:06 ` YiFei Zhu
2020-10-01 16:05 ` Jann Horn via Containers
2020-10-01 16:05 ` Jann Horn
2020-10-01 16:18 ` YiFei Zhu
2020-10-01 16:18 ` YiFei Zhu
2020-09-30 22:59 ` Kees Cook
2020-09-30 22:59 ` Kees Cook
2020-09-30 23:08 ` Jann Horn via Containers
2020-09-30 23:08 ` Jann Horn
2020-09-30 23:21 ` Kees Cook
2020-09-30 23:21 ` Kees Cook
2020-10-09 17:14 ` [PATCH v4 seccomp 0/5] seccomp: Add bitmap cache of constant allow filter results YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 17:14 ` [PATCH v4 seccomp 1/5] seccomp/cache: Lookup syscall allowlist bitmap for fast path YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 21:30 ` Jann Horn via Containers
2020-10-09 21:30 ` Jann Horn
2020-10-09 23:18 ` Kees Cook
2020-10-09 23:18 ` Kees Cook
2020-10-09 17:14 ` [PATCH v4 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 21:30 ` Jann Horn via Containers
2020-10-09 21:30 ` Jann Horn
2020-10-09 22:47 ` Kees Cook
2020-10-09 22:47 ` Kees Cook
2020-10-09 17:14 ` [PATCH v4 seccomp 3/5] x86: Enable seccomp architecture tracking YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 17:25 ` Andy Lutomirski
2020-10-09 17:25 ` Andy Lutomirski
2020-10-09 18:32 ` YiFei Zhu
2020-10-09 18:32 ` YiFei Zhu
2020-10-09 20:59 ` Andy Lutomirski
2020-10-09 20:59 ` Andy Lutomirski
2020-10-09 17:14 ` [PATCH v4 seccomp 4/5] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 17:14 ` [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-10-09 17:14 ` YiFei Zhu
2020-10-09 21:24 ` kernel test robot
2020-10-09 21:24 ` kernel test robot
2020-10-09 21:24 ` kernel test robot
2020-10-09 21:45 ` Jann Horn via Containers
2020-10-09 21:45 ` Jann Horn
2020-10-09 23:14 ` Kees Cook
2020-10-09 23:14 ` Kees Cook
2020-10-10 13:26 ` YiFei Zhu
2020-10-10 13:26 ` YiFei Zhu
2020-10-12 22:57 ` Kees Cook
2020-10-12 22:57 ` Kees Cook
2020-10-13 0:31 ` YiFei Zhu
2020-10-13 0:31 ` YiFei Zhu
2020-10-22 20:52 ` YiFei Zhu
2020-10-22 20:52 ` YiFei Zhu
2020-10-22 22:32 ` Kees Cook
2020-10-22 22:32 ` Kees Cook
2020-10-22 23:40 ` YiFei Zhu
2020-10-22 23:40 ` YiFei Zhu
2020-10-24 2:51 ` Kees Cook
2020-10-24 2:51 ` Kees Cook
2020-10-30 12:18 ` YiFei Zhu
2020-10-30 12:18 ` YiFei Zhu
2020-11-03 13:00 ` YiFei Zhu
2020-11-03 13:00 ` YiFei Zhu
2020-11-04 0:29 ` Kees Cook
2020-11-04 0:29 ` Kees Cook
2020-11-04 11:40 ` YiFei Zhu
2020-11-04 11:40 ` YiFei Zhu
2020-11-04 18:57 ` Kees Cook
2020-11-04 18:57 ` Kees Cook
2020-10-11 15:47 ` [PATCH v5 seccomp 0/5]seccomp: Add bitmap cache of constant allow filter results YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-11 15:47 ` [PATCH v5 seccomp 1/5] seccomp/cache: Lookup syscall allowlist bitmap for fast path YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-12 6:42 ` Jann Horn via Containers
2020-10-12 6:42 ` Jann Horn
2020-10-11 15:47 ` [PATCH v5 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-12 6:46 ` Jann Horn via Containers
2020-10-12 6:46 ` Jann Horn
2020-10-11 15:47 ` [PATCH v5 seccomp 3/5] x86: Enable seccomp architecture tracking YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-11 15:47 ` [PATCH v5 seccomp 4/5] selftests/seccomp: Compare bitmap vs filter overhead YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-11 15:47 ` [PATCH v5 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache YiFei Zhu
2020-10-11 15:47 ` YiFei Zhu
2020-10-12 6:49 ` Jann Horn via Containers
2020-10-12 6:49 ` Jann Horn
2020-12-17 12:14 ` Geert Uytterhoeven
2020-12-17 12:14 ` Geert Uytterhoeven
2020-12-17 18:34 ` YiFei Zhu
2020-12-17 18:34 ` YiFei Zhu
2020-12-18 12:35 ` Geert Uytterhoeven
2020-12-18 12:35 ` Geert Uytterhoeven
2020-10-27 19:14 ` [PATCH v5 seccomp 0/5]seccomp: Add bitmap cache of constant allow filter results Kees Cook
2020-10-27 19:14 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20bbc8ed4b9f2c83d0f67f37955eb2d789268525.1600946701.git.yifeifz2@illinois.edu \
--to=zhuyifei1999@gmail.com \
--cc=aarcange@redhat.com \
--cc=bpf@vger.kernel.org \
--cc=containers@lists.linux-foundation.org \
--cc=dskarlat@cs.cmu.edu \
--cc=frankeh@us.ibm.com \
--cc=gscrivan@redhat.com \
--cc=jannh@google.com \
--cc=jianyan2@illinois.edu \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=tobin@ibm.com \
--cc=torrella@illinois.edu \
--cc=tyxu@illinois.edu \
--cc=vrothber@redhat.com \
--cc=wad@chromium.org \
--cc=yifeifz2@illinois.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.