From patchwork Wed Nov  6 21:26:52 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Kees Cook <keescook@chromium.org>
X-Patchwork-Id: 3149351
Return-Path: 
 <linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org>
X-Original-To: patchwork-linux-arm@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.19.201])
	by patchwork1.web.kernel.org (Postfix) with ESMTP id 3533A9F407
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Wed,  6 Nov 2013 21:27:25 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 1E3A62063A
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Wed,  6 Nov 2013 21:27:24 +0000 (UTC)
Received: from casper.infradead.org (casper.infradead.org [85.118.1.10])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 2E95420639
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Wed,  6 Nov 2013 21:27:23 +0000 (UTC)
Received: from merlin.infradead.org ([2001:4978:20e::2])
	by casper.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux))
	id 1VeAdD-0007pQ-JJ; Wed, 06 Nov 2013 21:27:19 +0000
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux))
	id 1VeAdB-0004Lx-6s; Wed, 06 Nov 2013 21:27:17 +0000
Received: from mail-ob0-x232.google.com ([2607:f8b0:4003:c01::232])
	by merlin.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux))
	id 1VeAd8-0004LK-Dt for linux-arm-kernel@lists.infradead.org;
	Wed, 06 Nov 2013 21:27:15 +0000
Received: by mail-ob0-f178.google.com with SMTP id va2so100776obc.23
	for <linux-arm-kernel@lists.infradead.org>;
	Wed, 06 Nov 2013 13:26:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=20120113;
	h=mime-version:sender:in-reply-to:references:date:message-id:subject
	:from:to:cc:content-type;
	bh=8rkpgZ1vgui89yaep3HzAv5Q9IMfmszwh2wKz3ixPqU=;
	b=mo9x+pBQLL5KuC9NKrEgE8vUr7vIYrSC+3SaTMCQ4XanrTDgfur3/sDJ8w0IWZY7M8
	xOYrSpzMWNF62JFkaZvbhkqWc8oSR+MOuE5gZFQlh6MTcsrQrWuIqSXYNIlgFtJUotsG
	sHfgMiv5wbdr+F3YWKCnN5pSAl5CRbM0zUiLM6xsC2gn0ro/Fcu+MOjMc6O44ipFssta
	gWlgk6iib5HkRar0WC5tcJmLDZXfCTf/PVswBc65MTYQdOlsdmHG6som0f5acf+HSAhM
	E9Se0camTCLihdcDGl4SywadeLTJHdyR3NIB4HAPbwUCphX/Oqbn1ijjTgmYoFQpM2rx
	4Eag==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org;
	s=google;
	h=mime-version:sender:in-reply-to:references:date:message-id:subject
	:from:to:cc:content-type;
	bh=8rkpgZ1vgui89yaep3HzAv5Q9IMfmszwh2wKz3ixPqU=;
	b=ilPdv64FAue1VMmD+PrA7C3DtCm7f00Rc7O3xPbEbKj2qPdD/zrW6wQV3e/b4uTT/D
	pOC19iziRc/n13LpIMn0qzd16B74wbH3WVDvoTKIYZxgJc0it20tS4GQ323U8+vBkE6S
	1GelQRN00M1wo7/UtcsJjUSzdD3n/pfd9QogY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:sender:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type;
	bh=8rkpgZ1vgui89yaep3HzAv5Q9IMfmszwh2wKz3ixPqU=;
	b=dZmDby2IoufrdyFRO0vyxE7yd2AGG2+vIRaH0HrZiK1OtkZvXLnCH5yJks+XcxfajG
	Cbbt6c6CU9LXG37/sAdqli6WYeyXZI3+cevVDap2nU7rrEx9M+0kHQPBpE7o5BA60PMX
	QROhyMFF75bxznPzQbb+2B/Xju0ZQsZh56BvqQM1Qpqi4I9O6eSvTLc9NMM459FUiQps
	QtW6gRfem2pErcAZNapXQxFR964KqEUfaHcgYj4y2VdU+2vzXYA2/TTcHU+VegmTL/D1
	8LDExaLWvRkiG2zD78naGnvvhDdxQcqBXcUp1ypkkAcFbFI4gIwz02xV4Z3MdN/thHza
	9OVA==
X-Gm-Message-State: 
 ALoCoQk0zfln616xAVZz8zBZenMwLPTRn+7T9rDnUUFdrD24P1xKtf2wn5ZLg3fyUypidRUNXtN0k/FE3GKyE7/tXXuD+xxc4qk2qONIQwc4ctpz1s2Q18Uyug5qGyjSm3VE9CX3yFGuuAOzXJm5p5f3KmHXTKawVTk4BDKtilDr2mCrpgrO+kEXYe+JH3iL4bI+EoUyVLc+40KvP4RSYb3yopfXzATD3Q==
MIME-Version: 1.0
X-Received: by 10.60.39.67 with SMTP id n3mr4297352oek.2.1383773212337; Wed,
	06 Nov 2013 13:26:52 -0800 (PST)
Received: by 10.182.213.33 with HTTP; Wed, 6 Nov 2013 13:26:52 -0800 (PST)
In-Reply-To: 
 <CABqD9hbaZhAztYF_H8RTuTdhh+J4WHaGpdRLR3EqHbtH2OLU+Q@mail.gmail.com>
References: 
 <CALCETrUt7Ojh5Yy4KYgBPj_wBr=fzKKJ=OOgGP9BtXoKrr9QnA@mail.gmail.com>
	<1383751951.28218.64.camel@flatline.rdu.redhat.com>
	<20131106155104.GZ16735@n2100.arm.linux.org.uk>
	<CABqD9hbaZhAztYF_H8RTuTdhh+J4WHaGpdRLR3EqHbtH2OLU+Q@mail.gmail.com>
Date: Wed, 6 Nov 2013 13:26:52 -0800
X-Google-Sender-Auth: Xx4GB0uICkzUy85LdN_10OHOnbo
Message-ID: 
 <CAGXu5jLr3G+n3SRrpJOZbHsdY76dN34TNP0arL2_FyBg7c2EAg@mail.gmail.com>
Subject: Re: [libseccomp-discuss] ARM audit, seccomp,
	etc are broken wrt OABI syscalls
From: Kees Cook <keescook@chromium.org>
To: Will Drewry <wad@chromium.org>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20131106_162714_529742_37A88061 
X-CRM114-Status: GOOD (  19.08  )
X-Spam-Score: -2.0 (--)
Cc: Russell King - ARM Linux <linux@arm.linux.org.uk>,
	Richard Weinberger <richard@nod.at>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Eric Paris <eparis@redhat.com>, Andy Lutomirski <luto@amacapital.net>,
	libseccomp-discuss@lists.sourceforge.net,
	linux-arm-kernel <linux-arm-kernel@lists.infradead.org>
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY
	autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

On Wed, Nov 6, 2013 at 1:20 PM, Will Drewry <wad@chromium.org> wrote:
> On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
> <linux@arm.linux.org.uk> wrote:
>> On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
>>> On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
>>> > 1. Set a different audit arch for OABI syscalls (e.g.
>>> > AUDIT_ARCH_ARMOABI).  That is, treat OABI syscall entries the same way
>>> > that x86_64 treats int 80.
>>>
>>> As the audit maintainer, I like #1.  It might break ABI, but the ABI is
>>> flat wrong now and not maintainable...
>>
>> If you read the whole thread, you will see that this corner case is just
>> not worth the effort to support.  Audit may as well be disabled by
>> kernel config if any OABI support is enabled.
>
> This might be the best move for seccomp too (as Kees suggested).  I'd
> love to have audit arch visibility, but it's not clear that it's worth
> any sort of larger changes ...
>
> ... like adding a task_thread_info.compat flag that bubbles up to
> syscall_get_arch(), or if we assume consumers of syscall_get_nr() are
> broken today (I haven't checked), then it would be possible to at
> least re-add the 0x900000 bits, if compat, before handing back the
> system call number but leave the audit arch pieces alone.

How does this look, for the seccomp part?

-Kees

diff --git a/arch/Kconfig b/arch/Kconfig
index af2cc6eabcc7..3610c2d9910f 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -331,7 +331,7 @@ config HAVE_ARCH_SECCOMP_FILTER

 config SECCOMP_FILTER
        def_bool y
-       depends on HAVE_ARCH_SECCOMP_FILTER && SECCOMP && NET
+       depends on HAVE_ARCH_SECCOMP_FILTER && SECCOMP && NET && !OABI_COMPAT
        help
          Enable tasks to build secure computing environments defined
          in terms of Berkeley Packet Filter programs which implement