Re: [PATCH v3] audit: Add generic compat syscall support

From: Catalin Marinas
Date: Thu Jan 30 2014 - 13:08:36 EST

Next message: Arnaldo Carvalho de Melo: "Re: [PATCH V2 1/9] perf tools: Fix symbol annotation for relocatedkernel"
Previous message: Richard Yao: "[PATCH] vfs: Update file_operations documentation"
In reply to: AKASHI Takahiro: "Re: [PATCH v3] audit: Add generic compat syscall support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 29, 2014 at 05:58:59AM +0000, AKASHI Takahiro wrote:
> On 01/27/2014 09:15 PM, Catalin Marinas wrote:
> > On Mon, Jan 27, 2014 at 05:58:07AM +0000, AKASHI Takahiro wrote:
> >> On 01/23/2014 11:51 PM, Catalin Marinas wrote:
> >>>> +int audit_classify_compat_syscall(int abi, unsigned syscall)
> >>>> +{
> >>>> + switch (syscall) {
> >>>> +#ifdef __NR_open
> >>>> + case __NR_open:
> >>>> + return 2;
> >>>> +#endif
> >>>> +#ifdef __NR_openat
> >>>> + case __NR_openat:
> >>>> + return 3;
> >>>> +#endif
> >>>> +#ifdef __NR_socketcall
> >>>> + case __NR_socketcall:
> >>>> + return 4;
> >>>> +#endif
> >>>> + case __NR_execve:
> >>>> + return 5;
> >>>> + default:
> >>>> + return 1;
> >>>> + }
> >>>> +}
> >>>
> >>> BTW, since they aren't many, you could get the arch code to define
> >>> __NR_compat_open etc. explicitly and use these. On arm64 we have a few
> >>> of these defined to avoid name collision in signal handling code.
> >>
> >> Again, most architecture have their own unistd32.h for compat system calls,
> >> and use __NR_open-like naming.
> >> It's unlikely for these archs to migrate to "generic compat" auditing,
> >> but I believe that '__NR_open'-like naming is better because we may be able to avoid
> >> arch-specific changes even for future(?) syscall-related enhancements in audit.
>
> In my compat_audit.c, all the entries in audit classes are derived from asm-generic/audit_*.h,
> where __NR_xyz are used to list the system calls. So it is not possible to use __NR_compat_xyz
> as far as we re-use those generic files.
> (Obviously we don't want to duplicate those header files, that is, audit_compat_*.h.)

Ah, I missed the other __NR_* uses in the generic audit_*.h files. Below
is an attempt to add compat __NR_* definitions to arm64 unistd32.h.
There are other ways of doing this and still avoid collision with the
native ones but I thought that's the easiest. Note that these are not
uapi headers, so they are just for the kernel. Compile-tested only (and
please check, maybe my vim macros and regexp got something wrong):

(and in the process I found two new AArch32 syscalls which I'll add to
the compat layer)

---------------8<----------------

Next message: Arnaldo Carvalho de Melo: "Re: [PATCH V2 1/9] perf tools: Fix symbol annotation for relocatedkernel"
Previous message: Richard Yao: "[PATCH] vfs: Update file_operations documentation"
In reply to: AKASHI Takahiro: "Re: [PATCH v3] audit: Add generic compat syscall support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]