Re: [PATCH v2] seccomp: switch to using asm-generic for seccomp.h
On Tue, Mar 3, 2015 at 12:30 AM, Ingo Molnar mi...@kernel.org wrote: * Kees Cook keesc...@chromium.org wrote: Most architectures don't need to do anything special for the strict seccomp syscall entries. Remove the redundant headers and reduce the others. 19 files changed, 27 insertions(+), 137 deletions(-) Lovely cleanup factor. Just to make sure, are you sure the 32-bit details are identical across architectures? I did gcc -E -dM style output comparisons on the architectures I had compilers for, and the buildbot hasn't complained on any of the others (though see the bottom of this email). For example some architectures did this: --- a/arch/microblaze/include/asm/seccomp.h +++ /dev/null @@ -1,16 +0,0 @@ -#ifndef _ASM_MICROBLAZE_SECCOMP_H -#define _ASM_MICROBLAZE_SECCOMP_H - -#include linux/unistd.h - -#define __NR_seccomp_read__NR_read -#define __NR_seccomp_write __NR_write -#define __NR_seccomp_exit__NR_exit -#define __NR_seccomp_sigreturn __NR_sigreturn - -#define __NR_seccomp_read_32 __NR_read -#define __NR_seccomp_write_32__NR_write -#define __NR_seccomp_exit_32 __NR_exit -#define __NR_seccomp_sigreturn_32__NR_sigreturn The asm-generic uses the same syscall numbers from both 64 and 32, which matches most architectures, and those are the ones that had their seccomp.h entirely eliminated. others did this: diff --git a/arch/x86/include/asm/seccomp_64.h b/arch/x86/include/asm/seccomp_64.h deleted file mode 100644 index 84ec1bd161a5.. --- a/arch/x86/include/asm/seccomp_64.h +++ /dev/null @@ -1,17 +0,0 @@ -#ifndef _ASM_X86_SECCOMP_64_H -#define _ASM_X86_SECCOMP_64_H - -#include linux/unistd.h -#include asm/ia32_unistd.h - -#define __NR_seccomp_read __NR_read -#define __NR_seccomp_write __NR_write -#define __NR_seccomp_exit __NR_exit -#define __NR_seccomp_sigreturn __NR_rt_sigreturn - -#define __NR_seccomp_read_32 __NR_ia32_read -#define __NR_seccomp_write_32 __NR_ia32_write -#define __NR_seccomp_exit_32 __NR_ia32_exit -#define __NR_seccomp_sigreturn_32 __NR_ia32_sigreturn - -#endif /* _ASM_X86_SECCOMP_64_H */ Well, this was x86's split config that was consolidated into the file below: While in yet another case you kept the syscall mappings: --- a/arch/x86/include/asm/seccomp.h +++ b/arch/x86/include/asm/seccomp.h @@ -1,5 +1,20 @@ +#ifndef _ASM_X86_SECCOMP_H +#define _ASM_X86_SECCOMP_H + +#include asm/unistd.h + +#ifdef CONFIG_COMPAT +#include asm/ia32_unistd.h +#define __NR_seccomp_read_32 __NR_ia32_read +#define __NR_seccomp_write_32__NR_ia32_write +#define __NR_seccomp_exit_32 __NR_ia32_exit +#define __NR_seccomp_sigreturn_32__NR_ia32_sigreturn +#endif + #ifdef CONFIG_X86_32 -# include asm/seccomp_32.h -#else -# include asm/seccomp_64.h +#define __NR_seccomp_sigreturn __NR_sigreturn #endif + +#include asm-generic/seccomp.h + +#endif /* _ASM_X86_SECCOMP_H */ It might all be correct, but it's not obvious to me. The x86 change was the most complex as it removed a seccomp_32. and seccomp_64.h file and merged into a single asm/seccomp.h to provide overrides for the _32 #defines. However, in looking at it now... I see some flip/flopping of __NR_sigreturn and __NR_rt_sigreturn between some of the architectures. Let me study that and send a v3. I think there are some accidental changes on microblaze and powerpc. -Kees -- Kees Cook Chrome OS Security ___ Linuxppc-dev mailing list Linuxppc-dev@lists.ozlabs.org https://lists.ozlabs.org/listinfo/linuxppc-dev
Re: [PATCH v2] seccomp: switch to using asm-generic for seccomp.h
* Kees Cook keesc...@chromium.org wrote: Most architectures don't need to do anything special for the strict seccomp syscall entries. Remove the redundant headers and reduce the others. 19 files changed, 27 insertions(+), 137 deletions(-) Lovely cleanup factor. Just to make sure, are you sure the 32-bit details are identical across architectures? For example some architectures did this: --- a/arch/microblaze/include/asm/seccomp.h +++ /dev/null @@ -1,16 +0,0 @@ -#ifndef _ASM_MICROBLAZE_SECCOMP_H -#define _ASM_MICROBLAZE_SECCOMP_H - -#include linux/unistd.h - -#define __NR_seccomp_read__NR_read -#define __NR_seccomp_write __NR_write -#define __NR_seccomp_exit__NR_exit -#define __NR_seccomp_sigreturn __NR_sigreturn - -#define __NR_seccomp_read_32 __NR_read -#define __NR_seccomp_write_32__NR_write -#define __NR_seccomp_exit_32 __NR_exit -#define __NR_seccomp_sigreturn_32__NR_sigreturn others did this: diff --git a/arch/x86/include/asm/seccomp_64.h b/arch/x86/include/asm/seccomp_64.h deleted file mode 100644 index 84ec1bd161a5.. --- a/arch/x86/include/asm/seccomp_64.h +++ /dev/null @@ -1,17 +0,0 @@ -#ifndef _ASM_X86_SECCOMP_64_H -#define _ASM_X86_SECCOMP_64_H - -#include linux/unistd.h -#include asm/ia32_unistd.h - -#define __NR_seccomp_read __NR_read -#define __NR_seccomp_write __NR_write -#define __NR_seccomp_exit __NR_exit -#define __NR_seccomp_sigreturn __NR_rt_sigreturn - -#define __NR_seccomp_read_32 __NR_ia32_read -#define __NR_seccomp_write_32 __NR_ia32_write -#define __NR_seccomp_exit_32 __NR_ia32_exit -#define __NR_seccomp_sigreturn_32 __NR_ia32_sigreturn - -#endif /* _ASM_X86_SECCOMP_64_H */ While in yet another case you kept the syscall mappings: --- a/arch/x86/include/asm/seccomp.h +++ b/arch/x86/include/asm/seccomp.h @@ -1,5 +1,20 @@ +#ifndef _ASM_X86_SECCOMP_H +#define _ASM_X86_SECCOMP_H + +#include asm/unistd.h + +#ifdef CONFIG_COMPAT +#include asm/ia32_unistd.h +#define __NR_seccomp_read_32 __NR_ia32_read +#define __NR_seccomp_write_32__NR_ia32_write +#define __NR_seccomp_exit_32 __NR_ia32_exit +#define __NR_seccomp_sigreturn_32__NR_ia32_sigreturn +#endif + #ifdef CONFIG_X86_32 -# include asm/seccomp_32.h -#else -# include asm/seccomp_64.h +#define __NR_seccomp_sigreturn __NR_sigreturn #endif + +#include asm-generic/seccomp.h + +#endif /* _ASM_X86_SECCOMP_H */ It might all be correct, but it's not obvious to me. Thanks, Ingo ___ Linuxppc-dev mailing list Linuxppc-dev@lists.ozlabs.org https://lists.ozlabs.org/listinfo/linuxppc-dev
[PATCH v2] seccomp: switch to using asm-generic for seccomp.h
Most architectures don't need to do anything special for the strict seccomp syscall entries. Remove the redundant headers and reduce the others. Signed-off-by: Kees Cook keesc...@chromium.org --- v2: - use Kbuild generic-y instead of explicit #include lines (sfr) --- arch/arm/include/asm/Kbuild | 1 + arch/arm/include/asm/seccomp.h | 11 --- arch/microblaze/include/asm/Kbuild | 1 + arch/microblaze/include/asm/seccomp.h | 16 arch/mips/include/asm/seccomp.h | 7 ++- arch/parisc/include/asm/Kbuild | 1 + arch/parisc/include/asm/seccomp.h | 16 arch/powerpc/include/asm/Kbuild | 1 + arch/powerpc/include/uapi/asm/Kbuild| 1 - arch/powerpc/include/uapi/asm/seccomp.h | 16 arch/s390/include/asm/Kbuild| 1 + arch/s390/include/asm/seccomp.h | 16 arch/sh/include/asm/Kbuild | 1 + arch/sh/include/asm/seccomp.h | 10 -- arch/sparc/include/asm/Kbuild | 1 + arch/sparc/include/asm/seccomp.h| 15 --- arch/x86/include/asm/seccomp.h | 21 ++--- arch/x86/include/asm/seccomp_32.h | 11 --- arch/x86/include/asm/seccomp_64.h | 17 - 19 files changed, 27 insertions(+), 137 deletions(-) delete mode 100644 arch/arm/include/asm/seccomp.h delete mode 100644 arch/microblaze/include/asm/seccomp.h delete mode 100644 arch/parisc/include/asm/seccomp.h delete mode 100644 arch/powerpc/include/uapi/asm/seccomp.h delete mode 100644 arch/s390/include/asm/seccomp.h delete mode 100644 arch/sh/include/asm/seccomp.h delete mode 100644 arch/sparc/include/asm/seccomp.h delete mode 100644 arch/x86/include/asm/seccomp_32.h delete mode 100644 arch/x86/include/asm/seccomp_64.h diff --git a/arch/arm/include/asm/Kbuild b/arch/arm/include/asm/Kbuild index fe74c0d1e485..d7be5a9fd171 100644 --- a/arch/arm/include/asm/Kbuild +++ b/arch/arm/include/asm/Kbuild @@ -22,6 +22,7 @@ generic-y += preempt.h generic-y += resource.h generic-y += rwsem.h generic-y += scatterlist.h +generic-y += seccomp.h generic-y += sections.h generic-y += segment.h generic-y += sembuf.h diff --git a/arch/arm/include/asm/seccomp.h b/arch/arm/include/asm/seccomp.h deleted file mode 100644 index 52b156b341f5.. --- a/arch/arm/include/asm/seccomp.h +++ /dev/null @@ -1,11 +0,0 @@ -#ifndef _ASM_ARM_SECCOMP_H -#define _ASM_ARM_SECCOMP_H - -#include linux/unistd.h - -#define __NR_seccomp_read __NR_read -#define __NR_seccomp_write __NR_write -#define __NR_seccomp_exit __NR_exit -#define __NR_seccomp_sigreturn __NR_rt_sigreturn - -#endif /* _ASM_ARM_SECCOMP_H */ diff --git a/arch/microblaze/include/asm/Kbuild b/arch/microblaze/include/asm/Kbuild index ab564a6db5c3..877e2f610655 100644 --- a/arch/microblaze/include/asm/Kbuild +++ b/arch/microblaze/include/asm/Kbuild @@ -8,5 +8,6 @@ generic-y += irq_work.h generic-y += mcs_spinlock.h generic-y += preempt.h generic-y += scatterlist.h +generic-y += seccomp.h generic-y += syscalls.h generic-y += trace_clock.h diff --git a/arch/microblaze/include/asm/seccomp.h b/arch/microblaze/include/asm/seccomp.h deleted file mode 100644 index 0d912758a0d7.. --- a/arch/microblaze/include/asm/seccomp.h +++ /dev/null @@ -1,16 +0,0 @@ -#ifndef _ASM_MICROBLAZE_SECCOMP_H -#define _ASM_MICROBLAZE_SECCOMP_H - -#include linux/unistd.h - -#define __NR_seccomp_read __NR_read -#define __NR_seccomp_write __NR_write -#define __NR_seccomp_exit __NR_exit -#define __NR_seccomp_sigreturn __NR_sigreturn - -#define __NR_seccomp_read_32 __NR_read -#define __NR_seccomp_write_32 __NR_write -#define __NR_seccomp_exit_32 __NR_exit -#define __NR_seccomp_sigreturn_32 __NR_sigreturn - -#endif /* _ASM_MICROBLAZE_SECCOMP_H */ diff --git a/arch/mips/include/asm/seccomp.h b/arch/mips/include/asm/seccomp.h index f29c75cf83c6..1d8a2e2c75c1 100644 --- a/arch/mips/include/asm/seccomp.h +++ b/arch/mips/include/asm/seccomp.h @@ -2,11 +2,6 @@ #include linux/unistd.h -#define __NR_seccomp_read __NR_read -#define __NR_seccomp_write __NR_write -#define __NR_seccomp_exit __NR_exit -#define __NR_seccomp_sigreturn __NR_rt_sigreturn - /* * Kludge alert: * @@ -29,4 +24,6 @@ #endif /* CONFIG_MIPS32_O32 */ +#include asm-generic/seccomp.h + #endif /* __ASM_SECCOMP_H */ diff --git a/arch/parisc/include/asm/Kbuild b/arch/parisc/include/asm/Kbuild index 8686237a3c3c..12b341d04f88 100644 --- a/arch/parisc/include/asm/Kbuild +++ b/arch/parisc/include/asm/Kbuild @@ -20,6 +20,7 @@ generic-y += param.h generic-y += percpu.h generic-y += poll.h generic-y += preempt.h +generic-y += seccomp.h generic-y += segment.h generic-y += topology.h generic-y += trace_clock.h diff --git a/arch/parisc/include/asm/seccomp.h b/arch/parisc/include/asm/seccomp.h deleted file mode 100644 index
