Re: [PATCH 1/4] seccomp/mips: change syscall_trace_enter() to use secure_computing()

From: Kees Cook
Date: Mon Jan 20 2025 - 16:48:34 EST

Next message: Juntong Deng: "Re: [RFC PATCH bpf-next 2/7] bpf: Add enum bpf_capability"
Previous message: Paul Moore: "Re: [PATCH 1/3] mm: security: Move hardened usercopy under 'Kernel hardening options'"
In reply to: Oleg Nesterov: "[PATCH 1/4] seccomp/mips: change syscall_trace_enter() to use secure_computing()"
Next in thread: Thomas Bogendoerfer: "Re: [PATCH 1/4] seccomp/mips: change syscall_trace_enter() to use secure_computing()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jan 20, 2025 at 02:44:45PM +0100, Oleg Nesterov wrote:
> arch/mips/Kconfig selects HAVE_ARCH_SECCOMP_FILTER so syscall_trace_enter()
> can just use __secure_computing(NULL) and rely on populate_seccomp_data(sd)
> and "sd == NULL" checks in __secure_computing(sd) paths.
>
> With the change above syscall_trace_enter() can just use secure_computing()
> and avoid #ifdef + test_thread_flag(TIF_SECCOMP). CONFIG_GENERIC_ENTRY is
> not defined, so test_syscall_work(SECCOMP) will check TIF_SECCOMP.
>
> Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
> ---
> arch/mips/kernel/ptrace.c | 20 ++------------------
> 1 file changed, 2 insertions(+), 18 deletions(-)
>
> diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c
> index 61503a36067e..f7107479c7fa 100644
> --- a/arch/mips/kernel/ptrace.c
> +++ b/arch/mips/kernel/ptrace.c
> @@ -1326,24 +1326,8 @@ asmlinkage long syscall_trace_enter(struct pt_regs *regs)
> return -1;
> }
>
> -#ifdef CONFIG_SECCOMP
> - if (unlikely(test_thread_flag(TIF_SECCOMP))) {

Yup, this test works out the same as what secure_computing() does.

> - int ret, i;
> - struct seccomp_data sd;
> - unsigned long args[6];
> -
> - sd.nr = current_thread_info()->syscall;

This matches MIPS's syscall_get_nr() in populate_seccomp_data().

> - sd.arch = syscall_get_arch(current);
> - syscall_get_arguments(current, regs, args);
> - for (i = 0; i < 6; i++)
> - sd.args[i] = args[i];
> - sd.instruction_pointer = KSTK_EIP(current);

Rest matches the rest of populate_seccomp_data().

> -
> - ret = __secure_computing(&sd);
> - if (ret == -1)
> - return ret;
> - }
> -#endif
> + if (secure_computing())
> + return -1;
>
> if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
> trace_sys_enter(regs, regs->regs[2]);
> --

So this check out logically from what I can see. I can build test it,
but I don't have MIPS emulation set up. I'd love an Ack from a MIPS
maintainer...

Reviewed-by: Kees Cook <kees@xxxxxxxxxx>

--
Kees Cook

Next message: Juntong Deng: "Re: [RFC PATCH bpf-next 2/7] bpf: Add enum bpf_capability"
Previous message: Paul Moore: "Re: [PATCH 1/3] mm: security: Move hardened usercopy under 'Kernel hardening options'"
In reply to: Oleg Nesterov: "[PATCH 1/4] seccomp/mips: change syscall_trace_enter() to use secure_computing()"
Next in thread: Thomas Bogendoerfer: "Re: [PATCH 1/4] seccomp/mips: change syscall_trace_enter() to use secure_computing()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]