| Message ID | 4ec2970fcc819eb4d5dac2bd35233ccdadfda845.1604410035.git.yifeifz2@illinois.edu (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers | show |
| Series | seccomp: add bitmap cache support on remaining arches and report cache in procfs | expand |
YiFei Zhu <zhuyifei1999@gmail.com> writes: > From: YiFei Zhu <yifeifz2@illinois.edu> > > To enable seccomp constant action bitmaps, we need to have a static > mapping to the audit architecture and system call table size. Add these > for powerpc. > > Signed-off-by: YiFei Zhu <yifeifz2@illinois.edu> > --- > arch/powerpc/include/asm/seccomp.h | 21 +++++++++++++++++++++ > 1 file changed, 21 insertions(+) > > diff --git a/arch/powerpc/include/asm/seccomp.h b/arch/powerpc/include/asm/seccomp.h > index 51209f6071c5..3efcc83e9cc6 100644 > --- a/arch/powerpc/include/asm/seccomp.h > +++ b/arch/powerpc/include/asm/seccomp.h > @@ -8,4 +8,25 @@ > > #include <asm-generic/seccomp.h> > > +#ifdef __LITTLE_ENDIAN__ As Kees mentioned this should (must?!) match the configured endian. But I think it would still be better to use the CONFIG symbol, which is CONFIG_CPU_LITTLE_ENDIAN. > +#define __SECCOMP_ARCH_LE_BIT __AUDIT_ARCH_LE > +#else > +#define __SECCOMP_ARCH_LE_BIT 0 > +#endif > + > +#ifdef CONFIG_PPC64 > +# define SECCOMP_ARCH_NATIVE (AUDIT_ARCH_PPC64 | __SECCOMP_ARCH_LE) You use __SECCOMP_ARCH_LE there, but previously you only defined __SECCOMP_ARCH_LE_BIT. Is there some magic somewhere that defines __SECCOMP_ARCH_LE based on __SECCOMP_ARCH_LE_BIT ? > +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls > +# define SECCOMP_ARCH_NATIVE_NAME "ppc64" What's the name used for? Usually we use "ppc64" for 64-bit big endian and "ppc64le" for 64-bit little endian. > +# ifdef CONFIG_COMPAT > +# define SECCOMP_ARCH_COMPAT (AUDIT_ARCH_PPC | __SECCOMP_ARCH_LE) > +# define SECCOMP_ARCH_COMPAT_NR NR_syscalls > +# define SECCOMP_ARCH_COMPAT_NAME "powerpc" And usually we use "ppc" for 32-bit. > +# endif > +#else /* !CONFIG_PPC64 */ > +# define SECCOMP_ARCH_NATIVE (AUDIT_ARCH_PPC | __SECCOMP_ARCH_LE) > +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls > +# define SECCOMP_ARCH_NATIVE_NAME "powerpc" > +#endif > + > #endif /* _ASM_POWERPC_SECCOMP_H */ > -- > 2.29.2 cheers
On Wed, Nov 4, 2020 at 4:22 AM Michael Ellerman <mpe@ellerman.id.au> wrote: > > +#ifdef __LITTLE_ENDIAN__ > > As Kees mentioned this should (must?!) match the configured endian. > > But I think it would still be better to use the CONFIG symbol, which is > CONFIG_CPU_LITTLE_ENDIAN. My attempt here is to be consistent with asm/syscall.h syscall_get_arch [1]. Would it make sense to change that to CONFIG_CPU_LITTLE_ENDIAN then? [1] https://elixir.bootlin.com/linux/latest/source/arch/powerpc/include/asm/syscall.h#L116 > > +# define SECCOMP_ARCH_NATIVE (AUDIT_ARCH_PPC64 | __SECCOMP_ARCH_LE) > > You use __SECCOMP_ARCH_LE there, but previously you only defined > __SECCOMP_ARCH_LE_BIT. > > Is there some magic somewhere that defines __SECCOMP_ARCH_LE based on > __SECCOMP_ARCH_LE_BIT ? Oops, my bad here. > > +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls > > +# define SECCOMP_ARCH_NATIVE_NAME "ppc64" > > What's the name used for? This is used in the last patch in this series to report in procfs the name of each architecture tracked by the bitmap cache. > Usually we use "ppc64" for 64-bit big endian and "ppc64le" for 64-bit > little endian. > > And usually we use "ppc" for 32-bit. Ok. YiFei Zhu
YiFei Zhu <zhuyifei1999@gmail.com> writes: > On Wed, Nov 4, 2020 at 4:22 AM Michael Ellerman <mpe@ellerman.id.au> wrote: >> > +#ifdef __LITTLE_ENDIAN__ >> >> As Kees mentioned this should (must?!) match the configured endian. >> >> But I think it would still be better to use the CONFIG symbol, which is >> CONFIG_CPU_LITTLE_ENDIAN. > > My attempt here is to be consistent with asm/syscall.h > syscall_get_arch [1]. Would it make sense to change that to > CONFIG_CPU_LITTLE_ENDIAN then? > > [1] https://elixir.bootlin.com/linux/latest/source/arch/powerpc/include/asm/syscall.h#L116 Looking across the tree with have thousands of usages of __LITTLE_ENDIAN__, so it's probably not worth converting to CONFIG_CPU_LITTLE_ENDIAN. >> > +# define SECCOMP_ARCH_NATIVE (AUDIT_ARCH_PPC64 | __SECCOMP_ARCH_LE) >> >> You use __SECCOMP_ARCH_LE there, but previously you only defined >> __SECCOMP_ARCH_LE_BIT. >> >> Is there some magic somewhere that defines __SECCOMP_ARCH_LE based on >> __SECCOMP_ARCH_LE_BIT ? > > Oops, my bad here. OK :) >> > +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls >> > +# define SECCOMP_ARCH_NATIVE_NAME "ppc64" >> >> What's the name used for? > > This is used in the last patch in this series to report in procfs the > name of each architecture tracked by the bitmap cache. OK, yeah I think it would be better if the matched the uname -m values. >> Usually we use "ppc64" for 64-bit big endian and "ppc64le" for 64-bit >> little endian. >> >> And usually we use "ppc" for 32-bit. > > Ok. cheers
diff --git a/arch/powerpc/include/asm/seccomp.h b/arch/powerpc/include/asm/seccomp.h index 51209f6071c5..3efcc83e9cc6 100644 --- a/arch/powerpc/include/asm/seccomp.h +++ b/arch/powerpc/include/asm/seccomp.h @@ -8,4 +8,25 @@ #include <asm-generic/seccomp.h> +#ifdef __LITTLE_ENDIAN__ +#define __SECCOMP_ARCH_LE_BIT __AUDIT_ARCH_LE +#else +#define __SECCOMP_ARCH_LE_BIT 0 +#endif + +#ifdef CONFIG_PPC64 +# define SECCOMP_ARCH_NATIVE (AUDIT_ARCH_PPC64 | __SECCOMP_ARCH_LE) +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls +# define SECCOMP_ARCH_NATIVE_NAME "ppc64" +# ifdef CONFIG_COMPAT +# define SECCOMP_ARCH_COMPAT (AUDIT_ARCH_PPC | __SECCOMP_ARCH_LE) +# define SECCOMP_ARCH_COMPAT_NR NR_syscalls +# define SECCOMP_ARCH_COMPAT_NAME "powerpc" +# endif +#else /* !CONFIG_PPC64 */ +# define SECCOMP_ARCH_NATIVE (AUDIT_ARCH_PPC | __SECCOMP_ARCH_LE) +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls +# define SECCOMP_ARCH_NATIVE_NAME "powerpc" +#endif + #endif /* _ASM_POWERPC_SECCOMP_H */