linux/arch/s390/kernel
Andy Lutomirski a4412fc948 seccomp,x86,arm,mips,s390: Remove nr parameter from secure_computing
The secure_computing function took a syscall number parameter, but
it only paid any attention to that parameter if seccomp mode 1 was
enabled.  Rather than coming up with a kludge to get the parameter
to work in mode 2, just remove the parameter.

To avoid churn in arches that don't have seccomp filters (and may
not even support syscall_get_nr right now), this leaves the
parameter in secure_computing_strict, which is now a real function.

For ARM, this is a bit ugly due to the fact that ARM conditionally
supports seccomp filters.  Fixing that would probably only be a
couple of lines of code, but it should be coordinated with the audit
maintainers.

This will be a slight slowdown on some arches.  The right fix is to
pass in all of seccomp_data instead of trying to make just the
syscall nr part be fast.

This is a prerequisite for making two-phase seccomp work cleanly.

Cc: Russell King <linux@arm.linux.org.uk>
Cc: linux-arm-kernel@lists.infradead.org
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: linux-mips@linux-mips.org
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: linux-s390@vger.kernel.org
Cc: x86@kernel.org
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
2014-09-03 14:58:17 -07:00
..
vdso32 s390/time,vdso: fix clock_gettime for CLOCK_MONOTONIC 2013-12-02 18:15:25 +01:00
vdso64 s390/time,vdso: fix clock_gettime for CLOCK_MONOTONIC 2013-12-02 18:15:25 +01:00
.gitignore
asm-offsets.c At over 200 commits, covering almost all supported architectures, this 2014-06-04 08:47:12 -07:00
audit.c
audit.h
base.S s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
cache.c s390, cacheinfo: Fix CPU hotplug callback registration 2014-03-20 13:43:41 +01:00
compat_audit.c
compat_linux.c s390/compat: add sync_file_range and fallocate compat syscalls 2014-03-04 09:05:47 +01:00
compat_linux.h s390/compat: correct ucontext layout for high gprs 2014-06-16 10:31:40 +02:00
compat_ptrace.h
compat_signal.c s390: Use get_signal() signal_setup_done() 2014-08-06 13:03:10 +02:00
compat_wrapper.c s390: wire up memfd_create syscall 2014-08-12 13:00:08 +02:00
cpcmd.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
crash_dump.c s390/mm: Convert bootmem to memblock 2014-05-20 08:58:40 +02:00
debug.c s390: convert use of typedef ctl_table to struct ctl_table 2013-10-28 08:36:25 +01:00
diag.c
dis.c s390/kprobes: allow kprobes only on known instructions 2013-10-24 17:16:50 +02:00
dumpstack.c s390: show_registers() should not map user space addresses to kernel symbols 2014-04-11 13:53:27 +02:00
early.c s390/mm: Convert bootmem to memblock 2014-05-20 08:58:40 +02:00
ebcdic.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
entry64.S At over 200 commits, covering almost all supported architectures, this 2014-06-04 08:47:12 -07:00
entry.h s390: Use get_signal() signal_setup_done() 2014-08-06 13:03:10 +02:00
entry.S At over 200 commits, covering almost all supported architectures, this 2014-06-04 08:47:12 -07:00
ftrace.c ftrace: Do not pass data to ftrace_dyn_arch_init 2014-03-07 10:06:14 -05:00
head31.S s390/mm: Convert bootmem to memblock 2014-05-20 08:58:40 +02:00
head64.S s390: fix kernel crash due to linkage stack instructions 2014-02-05 11:00:50 +01:00
head_kdump.S s390/kdump: Use 64 bit mode for 0x10000 entry point 2012-10-18 17:50:09 +02:00
head.S s390: require mvcos facility, not tod clock steering facility 2014-07-16 10:48:09 +02:00
ipl.c s390/kdump: Clear subchannel ID to signal non-CCW/SCSI IPL 2014-08-12 13:00:06 +02:00
irq.c s390/irq: improve displayed interrupt order in /proc/interrupts 2014-07-28 10:02:36 +02:00
jump_label.c
kprobes.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2013-11-15 16:47:22 -08:00
lgr.c s390/sysinfo,stsi: change return code handling 2012-09-26 15:45:12 +02:00
machine_kexec.c s390: make various functions static, add declarations to header files 2013-09-07 11:58:03 +02:00
Makefile s390/compat: remove compat exec domain 2014-03-07 15:26:02 +01:00
mcount64.S s390/ftrace: remove check of obsolete variable function_trace_stop 2014-07-18 13:58:11 -04:00
mcount.S s390/ftrace: remove check of obsolete variable function_trace_stop 2014-07-18 13:58:11 -04:00
module.c mm/arch: use NUMA_NO_NODE 2013-11-13 12:09:05 +09:00
nmi.c s390: split TIF bits into CIF, PIF and TIF bits 2014-05-20 08:58:47 +02:00
os_info.c Include missing linux/slab.h inclusions 2013-04-29 15:42:01 -04:00
perf_cpum_cf_events.c s390/cpum_cf: Export event names in sysfs 2013-12-16 14:37:50 +01:00
perf_cpum_cf.c s390, perf: Use common PMU interrupt disabled code 2014-06-19 19:37:50 +02:00
perf_cpum_sf.c s390/irq: Use defines for external interruption codes 2014-04-03 14:30:52 +02:00
perf_event.c s390/perf: make print_debug_cf() static 2014-03-14 12:59:32 +01:00
pgm_check.S s390/mm: handle asce-type exceptions as normal page fault 2013-11-25 09:15:42 +01:00
process.c s390: split TIF bits into CIF, PIF and TIF bits 2014-05-20 08:58:47 +02:00
processor.c s390: delete __cpuinit usage from all s390 files 2013-07-14 19:36:53 -04:00
ptrace.c seccomp,x86,arm,mips,s390: Remove nr parameter from secure_computing 2014-09-03 14:58:17 -07:00
reipl64.S s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
reipl.S s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
relocate_kernel64.S s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
relocate_kernel.S s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
runtime_instr.c s390/irq: Use defines for external interruption codes 2014-04-03 14:30:52 +02:00
s390_ksyms.c s390: use IS_ENABLED to check if a CONFIG is set to y or m 2013-12-16 14:38:04 +01:00
sclp.S s390/irq: Use defines for external interruption codes 2014-04-03 14:30:52 +02:00
setup.c s390: add system information as device randomness 2014-08-12 13:00:07 +02:00
signal.c s390: Use get_signal() signal_setup_done() 2014-08-06 13:03:10 +02:00
smp.c s390/smp: Avoid busy loop after halt and "begin" on z/VM 2014-05-20 08:58:45 +02:00
stacktrace.c s390/comments: unify copyright messages and remove file names 2012-07-20 11:15:04 +02:00
suspend.c s390: make various functions static, add declarations to header files 2013-09-07 11:58:03 +02:00
swsusp_asm64.S s390/hibernate: add early resume function 2013-08-30 08:57:15 +02:00
sys_s390.c teach SYSCALL_DEFINE<n> how to deal with long long/unsigned long long 2013-03-03 22:46:22 -05:00
syscalls.S s390: wire up memfd_create syscall 2014-08-12 13:00:08 +02:00
sysinfo.c s390: delete __cpuinit usage from all s390 files 2013-07-14 19:36:53 -04:00
time.c timekeeping: Create struct tk_read_base and use it in struct timekeeper 2014-07-23 15:01:53 -07:00
topology.c Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip into next 2014-06-03 14:00:15 -07:00
traps.c s390/dumpstack: fix call chain walking 2013-04-17 14:07:28 +02:00
vdso.c arm64,ia64,ppc,s390,sh,tile,um,x86,mm: remove default gate area 2014-08-08 15:57:27 -07:00
vmlinux.lds.S s390/linker skript: discard exit.data at runtime 2013-02-14 15:55:21 +01:00
vtime.c s390/vtime: correct idle time calculation 2013-10-31 09:52:52 +01:00