arch: Wire up Landlock syscalls

mainline inclusion
from mainline-v5.13-rc1
commit a49f4f81
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I6DJU0
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a49f4f81cb48925e8d7cbd9e59068f516e984144

--------------------------------

Wire up the following system calls for all architectures:
* landlock_create_ruleset(2)
* landlock_add_rule(2)
* landlock_restrict_self(2)

Cc: Arnd Bergmann <arnd@arndb.de>
Cc: James Morris <jmorris@namei.org>
Cc: Jann Horn <jannh@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Serge E. Hallyn <serge@hallyn.com>
Signed-off-by: NMickaël Salaün <mic@linux.microsoft.com>
Link: https://lore.kernel.org/r/20210422154123.13086-10-mic@digikod.netSigned-off-by: NJames Morris <jamorris@linux.microsoft.com>

conflicts:
	arch/alpha/kernel/syscalls/syscall.tbl
	arch/arm/tools/syscall.tbl
	arch/arm64/include/asm/unistd32.h
	arch/ia64/kernel/syscalls/syscall.tbl
	arch/m68k/kernel/syscalls/syscall.tbl
	arch/microblaze/kernel/syscalls/syscall.tbl
	arch/mips/kernel/syscalls/syscall_n32.tbl
	arch/mips/kernel/syscalls/syscall_n64.tbl
	arch/mips/kernel/syscalls/syscall_o32.tbl
	arch/parisc/kernel/syscalls/syscall.tbl
	arch/powerpc/kernel/syscalls/syscall.tbl
	arch/s390/kernel/syscalls/syscall.tbl
	arch/sh/kernel/syscalls/syscall.tbl
	arch/sparc/kernel/syscalls/syscall.tbl
	arch/x86/entry/syscalls/syscall_32.tbl
	arch/x86/entry/syscalls/syscall_64.tbl
	arch/xtensa/kernel/syscalls/syscall.tbl
	include/uapi/asm-generic/unistd.h
Signed-off-by: NYi Yang <yiyang13@huawei.com>

arch/alpha/kernel/syscalls/syscall.tbl

@@ -480,3 +480,6 @@
 548	common	pidfd_getfd			sys_pidfd_getfd
 549	common	faccessat2			sys_faccessat2
 550	common	process_madvise			sys_process_madvise
+554	common	landlock_create_ruleset		sys_landlock_create_ruleset
+555	common	landlock_add_rule		sys_landlock_add_rule
+556	common	landlock_restrict_self		sys_landlock_restrict_self

arch/arm/tools/syscall.tbl

@@ -457,9 +457,9 @@
 441	common	kabi_reserved441		sys_ni_syscall
 442	common	kabi_reserved442		sys_ni_syscall
 443	common	kabi_reserved443		sys_ni_syscall
-444	common	kabi_reserved444		sys_ni_syscall
-445	common	kabi_reserved445		sys_ni_syscall
-446	common	kabi_reserved446		sys_ni_syscall
+444	common	landlock_create_ruleset     sys_landlock_create_ruleset
+445	common	landlock_add_rule       sys_landlock_add_rule
+446	common	landlock_restrict_self      sys_landlock_restrict_self
 447	common	kabi_reserved447		sys_ni_syscall
 448	common	kabi_reserved448		sys_ni_syscall
 449	common	kabi_reserved449		sys_ni_syscall

arch/arm64/include/asm/unistd32.h

@@ -896,12 +896,12 @@ __SYSCALL(__NR_kabi_reserved441, sys_ni_syscall)
 __SYSCALL(__NR_kabi_reserved442, sys_ni_syscall)
 #define __NR_kabi_reserved443 443
 __SYSCALL(__NR_kabi_reserved443, sys_ni_syscall)
-#define __NR_kabi_reserved444 444
-__SYSCALL(__NR_kabi_reserved444, sys_ni_syscall)
-#define __NR_kabi_reserved445 445
-__SYSCALL(__NR_kabi_reserved445, sys_ni_syscall)
-#define __NR_kabi_reserved446 446
-__SYSCALL(__NR_kabi_reserved446, sys_ni_syscall)
+#define __NR_landlock_create_ruleset 444
+__SYSCALL(__NR_landlock_create_ruleset, sys_landlock_create_ruleset)
+#define __NR_landlock_add_rule 445
+__SYSCALL(__NR_landlock_add_rule, sys_landlock_add_rule)
+#define __NR_landlock_restrict_self 446
+__SYSCALL(__NR_landlock_restrict_self, sys_landlock_restrict_self)
 #define __NR_kabi_reserved447 447
 __SYSCALL(__NR_kabi_reserved447, sys_ni_syscall)
 #define __NR_kabi_reserved448 448

arch/ia64/kernel/syscalls/syscall.tbl

@@ -361,3 +361,6 @@
 438	common	pidfd_getfd			sys_pidfd_getfd
 439	common	faccessat2			sys_faccessat2
 440	common	process_madvise			sys_process_madvise
+444 common  landlock_create_ruleset     sys_landlock_create_ruleset
+445 common  landlock_add_rule       sys_landlock_add_rule
+446 common  landlock_restrict_self      sys_landlock_restrict_self

arch/m68k/kernel/syscalls/syscall.tbl

@@ -440,3 +440,6 @@
 438	common	pidfd_getfd			sys_pidfd_getfd
 439	common	faccessat2			sys_faccessat2
 440	common	process_madvise			sys_process_madvise
+444 common  landlock_create_ruleset     sys_landlock_create_ruleset
+445 common  landlock_add_rule       sys_landlock_add_rule
+446 common  landlock_restrict_self      sys_landlock_restrict_self

arch/microblaze/kernel/syscalls/syscall.tbl

@@ -446,3 +446,6 @@
 438	common	pidfd_getfd			sys_pidfd_getfd
 439	common	faccessat2			sys_faccessat2
 440	common	process_madvise			sys_process_madvise
+444 common  landlock_create_ruleset     sys_landlock_create_ruleset
+445 common  landlock_add_rule       sys_landlock_add_rule
+446 common  landlock_restrict_self      sys_landlock_restrict_self

arch/mips/kernel/syscalls/syscall_n32.tbl

@@ -379,3 +379,6 @@
 438	n32	pidfd_getfd			sys_pidfd_getfd
 439	n32	faccessat2			sys_faccessat2
 440	n32	process_madvise			sys_process_madvise
+444 n32 landlock_create_ruleset     sys_landlock_create_ruleset
+445 n32 landlock_add_rule       sys_landlock_add_rule
+446 n32 landlock_restrict_self      sys_landlock_restrict_self

arch/mips/kernel/syscalls/syscall_n64.tbl

@@ -355,3 +355,6 @@
 438	n64	pidfd_getfd			sys_pidfd_getfd
 439	n64	faccessat2			sys_faccessat2
 440	n64	process_madvise			sys_process_madvise
+444 n64 landlock_create_ruleset     sys_landlock_create_ruleset
+445 n64 landlock_add_rule       sys_landlock_add_rule
+446 n64 landlock_restrict_self      sys_landlock_restrict_self

arch/mips/kernel/syscalls/syscall_o32.tbl

@@ -428,3 +428,6 @@
 438	o32	pidfd_getfd			sys_pidfd_getfd
 439	o32	faccessat2			sys_faccessat2
 440	o32	process_madvise			sys_process_madvise
+444 o32 landlock_create_ruleset     sys_landlock_create_ruleset
+445 o32 landlock_add_rule       sys_landlock_add_rule
+446 o32 landlock_restrict_self      sys_landlock_restrict_self

arch/parisc/kernel/syscalls/syscall.tbl

@@ -438,3 +438,6 @@
 438	common	pidfd_getfd			sys_pidfd_getfd
 439	common	faccessat2			sys_faccessat2
 440	common	process_madvise			sys_process_madvise
+444 common  landlock_create_ruleset     sys_landlock_create_ruleset
+445 common  landlock_add_rule       sys_landlock_add_rule
+446 common  landlock_restrict_self      sys_landlock_restrict_self

arch/powerpc/kernel/syscalls/syscall.tbl

@@ -533,9 +533,9 @@
 441	common	kabi_reserved441		sys_ni_syscall
 442	common	kabi_reserved442		sys_ni_syscall
 443	common	kabi_reserved443		sys_ni_syscall
-444	common	kabi_reserved444		sys_ni_syscall
-445	common	kabi_reserved445		sys_ni_syscall
-446	common	kabi_reserved446		sys_ni_syscall
+444	common	landlock_create_ruleset     sys_landlock_create_ruleset
+445	common	landlock_add_rule       sys_landlock_add_rule
+446	common	landlock_restrict_self      sys_landlock_restrict_self
 447	common	kabi_reserved447		sys_ni_syscall
 448	common	kabi_reserved448		sys_ni_syscall
 449	common	kabi_reserved449		sys_ni_syscall

arch/s390/kernel/syscalls/syscall.tbl

@@ -443,3 +443,6 @@
 438  common	pidfd_getfd		sys_pidfd_getfd			sys_pidfd_getfd
 439  common	faccessat2		sys_faccessat2			sys_faccessat2
 440  common	process_madvise		sys_process_madvise		sys_process_madvise
+444  common    landlock_create_ruleset sys_landlock_create_ruleset sys_landlock_create_ruleset
+445  common    landlock_add_rule   sys_landlock_add_rule       sys_landlock_add_rule
+446  common    landlock_restrict_self  sys_landlock_restrict_self  sys_landlock_restrict_self

arch/sh/kernel/syscalls/syscall.tbl

@@ -443,3 +443,6 @@
 438	common	pidfd_getfd			sys_pidfd_getfd
 439	common	faccessat2			sys_faccessat2
 440	common	process_madvise			sys_process_madvise
+444 common  landlock_create_ruleset     sys_landlock_create_ruleset
+445 common  landlock_add_rule       sys_landlock_add_rule
+446 common  landlock_restrict_self      sys_landlock_restrict_self

arch/sparc/kernel/syscalls/syscall.tbl

@@ -486,3 +486,6 @@
 438	common	pidfd_getfd			sys_pidfd_getfd
 439	common	faccessat2			sys_faccessat2
 440	common	process_madvise			sys_process_madvise
+444 common  landlock_create_ruleset     sys_landlock_create_ruleset
+445 common  landlock_add_rule       sys_landlock_add_rule
+446 common  landlock_restrict_self      sys_landlock_restrict_self

arch/x86/entry/syscalls/syscall_32.tbl

@@ -448,9 +448,9 @@
 441	i386	kabi_reserved441	sys_ni_syscall
 442	i386	kabi_reserved442	sys_ni_syscall
 443	i386	kabi_reserved443	sys_ni_syscall
-444	i386	kabi_reserved444	sys_ni_syscall
-445	i386	kabi_reserved445	sys_ni_syscall
-446	i386	kabi_reserved446	sys_ni_syscall
+444	i386	landlock_create_ruleset sys_landlock_create_ruleset
+445	i386	landlock_add_rule   sys_landlock_add_rule
+446	i386	landlock_restrict_self  sys_landlock_restrict_self
 447	i386	kabi_reserved447	sys_ni_syscall
 448	i386	kabi_reserved448	sys_ni_syscall
 449	i386	kabi_reserved449	sys_ni_syscall

arch/x86/entry/syscalls/syscall_64.tbl

@@ -365,9 +365,9 @@
 441	common	kabi_reserved441	sys_ni_syscall
 442	common	kabi_reserved442	sys_ni_syscall
 443	common	kabi_reserved443	sys_ni_syscall
-444	common	kabi_reserved444	sys_ni_syscall
-445	common	kabi_reserved445	sys_ni_syscall
-446	common	kabi_reserved446	sys_ni_syscall
+444	common	landlock_create_ruleset sys_landlock_create_ruleset
+445	common	landlock_add_rule   sys_landlock_add_rule
+446	common	landlock_restrict_self  sys_landlock_restrict_self
 447	common	kabi_reserved447	sys_ni_syscall
 448	common	kabi_reserved448	sys_ni_syscall
 449	common	kabi_reserved449	sys_ni_syscall

arch/xtensa/kernel/syscalls/syscall.tbl

@@ -411,3 +411,6 @@
 438	common	pidfd_getfd			sys_pidfd_getfd
 439	common	faccessat2			sys_faccessat2
 440	common	process_madvise			sys_process_madvise
+444 common  landlock_create_ruleset     sys_landlock_create_ruleset
+445 common  landlock_add_rule       sys_landlock_add_rule
+446 common  landlock_restrict_self      sys_landlock_restrict_self

include/uapi/asm-generic/unistd.h

@@ -866,12 +866,12 @@ __SYSCALL(__NR_kabi_reserved441, sys_ni_syscall)
 __SYSCALL(__NR_kabi_reserved442, sys_ni_syscall)
 #define __NR_kabi_reserved443 443
 __SYSCALL(__NR_kabi_reserved443, sys_ni_syscall)
-#define __NR_kabi_reserved444 444
-__SYSCALL(__NR_kabi_reserved444, sys_ni_syscall)
-#define __NR_kabi_reserved445 445
-__SYSCALL(__NR_kabi_reserved445, sys_ni_syscall)
-#define __NR_kabi_reserved446 446
-__SYSCALL(__NR_kabi_reserved446, sys_ni_syscall)
+#define __NR_landlock_create_ruleset 444
+__SYSCALL(__NR_landlock_create_ruleset, sys_landlock_create_ruleset)
+#define __NR_landlock_add_rule 445
+__SYSCALL(__NR_landlock_add_rule, sys_landlock_add_rule)
+#define __NR_landlock_restrict_self 446
+__SYSCALL(__NR_landlock_restrict_self, sys_landlock_restrict_self)
 #define __NR_kabi_reserved447 447
 __SYSCALL(__NR_kabi_reserved447, sys_ni_syscall)
 #define __NR_kabi_reserved448 448