Below is a revised patch that has the correct gcc RTL code for the 64 bit
ia32 syscall.
This patch implements the following:
2 system calls
int setaudit_id(uid_t);
if (!capable(CAP_AUDIT_CONTROL) (a posix capability))
errno=EPERM, returns -1;
if == -1, generate a new sess_id (64 bit value) and set process's
sess_id
else set 'luid' for the process
returns 0 on success;
long long getaudit_id(id);
id == 1 - return process's luid
id == 2 - return process's sess_id
else return -1 and errno=EINVAL;
Preferred Calling method via the defines (in include/linux/audit.h):
int setluid(uid_t)
int newsess_id()
uid_t getluid()
long long getsess_id()
The linux/audit.h includes an implementation dependant asm/audit.h. I created
these as empty files on the non-i386 platforms so no one would get build errors.
| The initial internal kernel value of sessid is 0x1 0000 0000.
| A call to get_sessid before a newsess_id on a process will return 0 (unitialized).
| The first newsess_id on the system will set the process's sess_id to 0x100000001.
| Subsequent newsess_id's will increment values from there.
-l
-- Linda A Walsh | Trust Technology, Core Linux, SGI law@sgi.com | Voice: (650) 933-5338 -----------------------------------------------------------------------------------diff --new-file -r -c linux-2.3.99-pre5untainted/arch/i386/kernel/entry.S linux/ arch/i386/kernel/entry.S *** linux-2.3.99-pre5untainted/arch/i386/kernel/entry.S Thu Mar 23 08:15:02 2000 --- linux/arch/i386/kernel/entry.S Sat Apr 22 12:57:55 2000 *************** *** 183,188 **** --- 183,201 ---- jne tracesys_exit jmp ret_from_sys_call
+ ENTRY(system_call64) # 64 bit return value syscall + pushl %eax # save orig_eax + SAVE_ALL + GET_CURRENT(%ebx) + cmpl $(NR_syscalls),%eax + jae badsys + testb $0x20,flags(%ebx) # PF_TRACESYS + jne tracesys + call *SYMBOL_NAME(sys_call_table)(,%eax,4) + movl %eax,EAX(%esp) # save the return value + movl %edx,EDX(%esp) # save high 32 bits + jmp ret_from_sys_call + /* * Return to user mode is not as complex as all this looks, * but we want the default path for a system call return to *************** *** 634,639 **** --- 647,654 ---- .long SYMBOL_NAME(sys_pivot_root) .long SYMBOL_NAME(sys_mincore) .long SYMBOL_NAME(sys_madvise) + .long SYMBOL_NAME(sys_setaudit_id) /* 220 */ + .long SYMBOL_NAME(sys_getaudit_id)
/* diff --new-file -r -c linux-2.3.99-pre5untainted/arch/i386/kernel/i8259.c linux/ arch/i386/kernel/i8259.c *** linux-2.3.99-pre5untainted/arch/i386/kernel/i8259.c Thu Mar 23 08:34:11 2000 --- linux/arch/i386/kernel/i8259.c Sun Apr 23 17:06:28 2000 *************** *** 447,453 **** */ for (i = 0; i < NR_IRQS; i++) { int vector = FIRST_EXTERNAL_VECTOR + i; ! if (vector != SYSCALL_VECTOR) set_intr_gate(vector, interrupt[i]); }
--- 447,453 ---- */ for (i = 0; i < NR_IRQS; i++) { int vector = FIRST_EXTERNAL_VECTOR + i; ! if (vector != SYSCALL_VECTOR && vector!=SYSCALL64_VECTOR) set_intr_gate(vector, interrupt[i]); }
diff --new-file -r -c linux-2.3.99-pre5untainted/arch/i386/kernel/io_apic.c linu x/arch/i386/kernel/io_apic.c *** linux-2.3.99-pre5untainted/arch/i386/kernel/io_apic.c Mon Mar 20 07:53 :51 2000 --- linux/arch/i386/kernel/io_apic.c Sun Apr 23 17:07:12 2000 *************** *** 528,534 **** panic("ran out of interrupt sources!"); next: current_vector += 8; ! if (current_vector == SYSCALL_VECTOR) goto next;
if (current_vector > 0xFF) { --- 528,534 ---- panic("ran out of interrupt sources!"); next: current_vector += 8; ! if (current_vector == SYSCALL_VECTOR || current_vector == SYSCALL64_VECT OR) goto next;
if (current_vector > 0xFF) { diff --new-file -r -c linux-2.3.99-pre5untainted/arch/i386/kernel/traps.c linux/ arch/i386/kernel/traps.c *** linux-2.3.99-pre5untainted/arch/i386/kernel/traps.c Tue Apr 11 17:17:55 2000 --- linux/arch/i386/kernel/traps.c Sat Apr 22 00:04:23 2000 *************** *** 47,52 **** --- 47,53 ---- #include <linux/irq.h>
asmlinkage int system_call(void); + asmlinkage long long system_call64(void); asmlinkage void lcall7(void); asmlinkage void lcall27(void);
*************** *** 830,835 **** --- 831,837 ---- set_trap_gate(16,&coprocessor_error); set_trap_gate(17,&alignment_check); set_system_gate(SYSCALL_VECTOR,&system_call); + set_system_gate(SYSCALL64_VECTOR,&system_call64);
/* * default LDT is a single-entry callgate to lcall7 for iBCS diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-alpha/audit.h linux /include/asm-alpha/audit.h *** linux-2.3.99-pre5untainted/include/asm-alpha/audit.h Wed Dec 31 16:00 :00 1969 --- linux/include/asm-alpha/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-arm/audit.h linux/i nclude/asm-arm/audit.h *** linux-2.3.99-pre5untainted/include/asm-arm/audit.h Wed Dec 31 16:00:00 1969 --- linux/include/asm-arm/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-generic/audit.h lin ux/include/asm-generic/audit.h *** linux-2.3.99-pre5untainted/include/asm-generic/audit.h Wed Dec 31 16:00 :00 1969 --- linux/include/asm-generic/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-i386/audit.h linux/ include/asm-i386/audit.h *** linux-2.3.99-pre5untainted/include/asm-i386/audit.h Wed Dec 31 16:00:00 1969 --- linux/include/asm-i386/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1,6 ---- + /* ia32 specific audit interface - law@sgi */ + + _syscall64_1(long long, getaudit_id,int, id) + _syscall1(int, setaudit_id, uid_t, luid) + + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-i386/hw_irq.h linux /include/asm-i386/hw_irq.h *** linux-2.3.99-pre5untainted/include/asm-i386/hw_irq.h Tue Apr 11 17:31 :26 2000 --- linux/include/asm-i386/hw_irq.h Mon Apr 24 11:41:07 2000 *************** *** 21,26 **** --- 21,27 ---- #define FIRST_EXTERNAL_VECTOR 0x20
#define SYSCALL_VECTOR 0x80 + #define SYSCALL64_VECTOR 0x81
/* * Vectors 0x20-0x2f are used for ISA interrupts. diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-i386/unistd.h linux /include/asm-i386/unistd.h *** linux-2.3.99-pre5untainted/include/asm-i386/unistd.h Tue Mar 14 17:45 :20 2000 --- linux/include/asm-i386/unistd.h Mon Apr 24 11:31:43 2000 *************** *** 225,230 **** --- 225,232 ---- #define __NR_mincore 218 #define __NR_madvise 219 #define __NR_madvise1 219 /* delete when C lib stub is removed */+ #define __NR_setaudit_id 220 + #define __NR_getaudit_id 221
/* user-visible error numbers are in the range -1 - -124: see <asm-i386/errno. h> */
*************** *** 313,318 **** --- 315,347 ---- "d" ((long)(arg3)),"S" ((long)(arg4)),"D" ((long)(arg5)), \ "0" ((long)(arg6))); \ __syscall_return(type,__res); \ + } + + /* this call interface needs to be fixed -- while it works on + * current GCC, the asm code does not *explicitly* "return" a + * 64-bit value via EDX holding the high order 32 bits. Unfortunately + * I don't know the intricacies of gcc-asm + */ + + + #define __syscall64_return(type, res) \ + do { \ + if ((unsigned long long)(res.___res) >= (unsigned long long)(-125)) { \ + errno = -(res.___res); \ + res.___res = -1; \ + } \ + return (type) (res.___res); \ + } while (0) + + + #define _syscall64_1(type,name,type1,arg1) \ + type name(type1 arg1) \ + { \ + register union { long long ___res; long __res[2];} __resunion; \ + __asm__ volatile ("int $0x81" \ + : "=a" (__resunion.__res[0]), "=d" (__resunion.__res[1]) \ + : "0" (__NR_##name),"b" ((long)arg1)); \ + __syscall64_return(type,__resunion); \ }
#ifdef __KERNEL_SYSCALLS__ diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-ia64/audit.h linux/ include/asm-ia64/audit.h *** linux-2.3.99-pre5untainted/include/asm-ia64/audit.h Wed Dec 31 16:00:00 1969 --- linux/include/asm-ia64/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-m68k/audit.h linux/ include/asm-m68k/audit.h *** linux-2.3.99-pre5untainted/include/asm-m68k/audit.h Wed Dec 31 16:00:00 1969 --- linux/include/asm-m68k/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-mips/audit.h linux/ include/asm-mips/audit.h *** linux-2.3.99-pre5untainted/include/asm-mips/audit.h Wed Dec 31 16:00:00 1969 --- linux/include/asm-mips/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-mips64/audit.h linu x/include/asm-mips64/audit.h *** linux-2.3.99-pre5untainted/include/asm-mips64/audit.h Wed Dec 31 16:00 :00 1969 --- linux/include/asm-mips64/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-ppc/audit.h linux/i nclude/asm-ppc/audit.h *** linux-2.3.99-pre5untainted/include/asm-ppc/audit.h Wed Dec 31 16:00:00 1969 --- linux/include/asm-ppc/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-sh/audit.h linux/in clude/asm-sh/audit.h *** linux-2.3.99-pre5untainted/include/asm-sh/audit.h Wed Dec 31 16:00:00 1969 --- linux/include/asm-sh/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-sparc/audit.h linux /include/asm-sparc/audit.h *** linux-2.3.99-pre5untainted/include/asm-sparc/audit.h Wed Dec 31 16:00 :00 1969 --- linux/include/asm-sparc/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + diff --new-file -r -c linux-2.3.99-pre5untainted/include/asm-sparc64/audit.h lin ux/include/asm-sparc64/audit.h *** linux-2.3.99-pre5untainted/include/asm-sparc64/audit.h Wed Dec 31 16:00 :00 1969 --- linux/include/asm-sparc64/audit.h Sun Apr 23 18:49:59 2000 *************** *** 0 **** --- 1 ---- + Binary files linux-2.3.99-pre5untainted/include/linux/.sched.h.swp and linux/inc lude/linux/.sched.h.swp differ diff --new-file -r -c linux-2.3.99-pre5untainted/include/linux/audit.h linux/inc lude/linux/audit.h *** linux-2.3.99-pre5untainted/include/linux/audit.h Wed Dec 31 16:00:00 1969 --- linux/include/linux/audit.h Sun Apr 23 18:28:40 2000 *************** *** 0 **** --- 1,8 ---- + #include <asm/audit.h> + + /* audit id function definitions */ + + #define setluid(id) setaudit_id(id) + #define newsess_id() setaudit_id((uid_t)-1) + #define getluid() ((uid_t)getaudit_id(1)) + #define getsess_id() getaudit_id(2) diff --new-file -r -c linux-2.3.99-pre5untainted/include/linux/capability.h linu x/include/linux/capability.h *** linux-2.3.99-pre5untainted/include/linux/capability.h Tue Apr 11 17:31 :26 2000 --- linux/include/linux/capability.h Mon Apr 24 11:41:07 2000 *************** *** 269,274 **** --- 269,280 ----
#define CAP_MKNOD 27
+ /* allow setting of Login user ID */ + /* allow generating and setting of session id */ + /* start/stop audit */ + + asmlinkage int sys_setaudit_id(uid_t audit_id) + { + if (!capable(CAP_AUDIT_CONTROL)) return -EPERM; + + if ((int)audit_id == -1) { /* generate a new sessid for the process */ + spin_lock(&sessid_lock); + current->sessid = ++sessid; + spin_unlock(&sessid_lock); + } else { + current->luid = audit_id; + } + + return 0; + } + + /* note that this will only return "long long" if called from + assembly code that also returns a "long long" value */ + + asmlinkage long long sys_getaudit_id(int id) + { + if (id==1) { + return (long long) (current->luid); + } else if (id==2) { + return current->sessid; + } else return -EINVAL; + } + + + asmlinkage long sys_getresuid(uid_t *ruid, uid_t *euid, uid_t *suid) { int retval;
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Apr 30 2000 - 21:00:08 EST