• James Hogan's avatar
    MIPS: seccomp: Fix indirect syscall args · 3d729dea
    James Hogan authored
    Since commit 669c4092 ("MIPS: Give __secure_computing() access to
    syscall arguments."), upon syscall entry when seccomp is enabled,
    syscall_trace_enter() passes a carefully prepared struct seccomp_data
    containing syscall arguments to __secure_computing(). Unfortunately it
    directly uses mips_get_syscall_arg() and fails to take into account the
    indirect O32 system calls (i.e. syscall(2)) which put the system call
    number in a0 and have the arguments shifted up by one entry.
    
    We can't just revert that commit as samples/bpf/tracex5 would break
    again, so use syscall_get_arguments() which already takes indirect
    syscalls into account instead of directly using mips_get_syscall_arg(),
    similar to what populate_seccomp_data() does.
    
    This also removes the redundant error checking of the
    mips_get_syscall_arg() return value (get_user() already zeroes the
    result if an argument from the stack can't be loaded).
    Reported-by: default avatarJames Cowgill <James.Cowgill@imgtec.com>
    Fixes: 669c4092 ("MIPS: Give __secure_computing() access to syscall arguments.")
    Signed-off-by: default avatarJames Hogan <james.hogan@imgtec.com>
    Reviewed-by: default avatarKees Cook <keescook@chromium.org>
    Cc: David Daney <david.daney@cavium.com>
    Cc: Andy Lutomirski <luto@amacapital.net>
    Cc: Will Drewry <wad@chromium.org>
    Cc: Oleg Nesterov <oleg@redhat.com>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: netdev@vger.kernel.org
    Cc: linux-kernel@vger.kernel.org
    Cc: linux-mips@linux-mips.org
    Patchwork: https://patchwork.linux-mips.org/patch/16994/Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
    3d729dea
ptrace.c 21.9 KB