提交 91397401 编写于 作者: E Eric Paris

ARCH: AUDIT: audit_syscall_entry() should not require the arch

We have a function where the arch can be queried, syscall_get_arch().
So rather than have every single piece of arch specific code use and/or
duplicate syscall_get_arch(), just have the audit code use the
syscall_get_arch() code.
Based-on-patch-by: NRichard Briggs <rgb@redhat.com>
Signed-off-by: NEric Paris <eparis@redhat.com>
Cc: linux-alpha@vger.kernel.org
Cc: linux-arm-kernel@lists.infradead.org
Cc: linux-ia64@vger.kernel.org
Cc: microblaze-uclinux@itee.uq.edu.au
Cc: linux-mips@linux-mips.org
Cc: linux@lists.openrisc.net
Cc: linux-parisc@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Cc: linux-s390@vger.kernel.org
Cc: linux-sh@vger.kernel.org
Cc: sparclinux@vger.kernel.org
Cc: user-mode-linux-devel@lists.sourceforge.net
Cc: linux-xtensa@linux-xtensa.org
Cc: x86@kernel.org
上级 ce5d1128
......@@ -321,7 +321,7 @@ asmlinkage unsigned long syscall_trace_enter(void)
if (test_thread_flag(TIF_SYSCALL_TRACE) &&
tracehook_report_syscall_entry(current_pt_regs()))
ret = -1UL;
audit_syscall_entry(AUDIT_ARCH_ALPHA, regs->r0, regs->r16, regs->r17, regs->r18, regs->r19);
audit_syscall_entry(regs->r0, regs->r16, regs->r17, regs->r18, regs->r19);
return ret ?: current_pt_regs()->r0;
}
......
......@@ -944,8 +944,8 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs, int scno)
if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
trace_sys_enter(regs, scno);
audit_syscall_entry(AUDIT_ARCH_ARM, scno, regs->ARM_r0, regs->ARM_r1,
regs->ARM_r2, regs->ARM_r3);
audit_syscall_entry(scno, regs->ARM_r0, regs->ARM_r1, regs->ARM_r2,
regs->ARM_r3);
return scno;
}
......
......@@ -1219,7 +1219,7 @@ syscall_trace_enter (long arg0, long arg1, long arg2, long arg3,
ia64_sync_krbs();
audit_syscall_entry(AUDIT_ARCH_IA64, regs.r15, arg0, arg1, arg2, arg3);
audit_syscall_entry(regs.r15, arg0, arg1, arg2, arg3);
return 0;
}
......
......@@ -147,8 +147,7 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
*/
ret = -1L;
audit_syscall_entry(EM_MICROBLAZE, regs->r12, regs->r5, regs->r6,
regs->r7, regs->r8);
audit_syscall_entry(regs->r12, regs->r5, regs->r6, regs->r7, regs->r8);
return ret ?: regs->r12;
}
......
......@@ -649,9 +649,7 @@ asmlinkage long syscall_trace_enter(struct pt_regs *regs, long syscall)
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
trace_sys_enter(regs, regs->regs[2]);
audit_syscall_entry(syscall_get_arch(),
syscall,
regs->regs[4], regs->regs[5],
audit_syscall_entry(syscall, regs->regs[4], regs->regs[5],
regs->regs[6], regs->regs[7]);
return syscall;
}
......
......@@ -187,8 +187,7 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
*/
ret = -1L;
audit_syscall_entry(AUDIT_ARCH_OPENRISC, regs->gpr[11],
regs->gpr[3], regs->gpr[4],
audit_syscall_entry(regs->gpr[11], regs->gpr[3], regs->gpr[4],
regs->gpr[5], regs->gpr[6]);
return ret ? : regs->gpr[11];
......
......@@ -276,14 +276,11 @@ long do_syscall_trace_enter(struct pt_regs *regs)
#ifdef CONFIG_64BIT
if (!is_compat_task())
audit_syscall_entry(AUDIT_ARCH_PARISC64,
regs->gr[20],
regs->gr[26], regs->gr[25],
regs->gr[24], regs->gr[23]);
audit_syscall_entry(regs->gr[20], regs->gr[26], regs->gr[25],
regs->gr[24], regs->gr[23]);
else
#endif
audit_syscall_entry(AUDIT_ARCH_PARISC,
regs->gr[20] & 0xffffffff,
audit_syscall_entry(regs->gr[20] & 0xffffffff,
regs->gr[26] & 0xffffffff,
regs->gr[25] & 0xffffffff,
regs->gr[24] & 0xffffffff,
......
......@@ -1788,14 +1788,11 @@ long do_syscall_trace_enter(struct pt_regs *regs)
#ifdef CONFIG_PPC64
if (!is_32bit_task())
audit_syscall_entry(AUDIT_ARCH_PPC64,
regs->gpr[0],
regs->gpr[3], regs->gpr[4],
audit_syscall_entry(regs->gpr[0], regs->gpr[3], regs->gpr[4],
regs->gpr[5], regs->gpr[6]);
else
#endif
audit_syscall_entry(AUDIT_ARCH_PPC,
regs->gpr[0],
audit_syscall_entry(regs->gpr[0],
regs->gpr[3] & 0xffffffff,
regs->gpr[4] & 0xffffffff,
regs->gpr[5] & 0xffffffff,
......
......@@ -828,9 +828,7 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
trace_sys_enter(regs, regs->gprs[2]);
audit_syscall_entry(is_compat_task() ?
AUDIT_ARCH_S390 : AUDIT_ARCH_S390X,
regs->gprs[2], regs->orig_gpr2,
audit_syscall_entry(regs->gprs[2], regs->orig_gpr2,
regs->gprs[3], regs->gprs[4],
regs->gprs[5]);
out:
......
......@@ -484,17 +484,6 @@ long arch_ptrace(struct task_struct *child, long request,
return ret;
}
static inline int audit_arch(void)
{
int arch = EM_SH;
#ifdef CONFIG_CPU_LITTLE_ENDIAN
arch |= __AUDIT_ARCH_LE;
#endif
return arch;
}
asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
{
long ret = 0;
......@@ -513,8 +502,7 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
trace_sys_enter(regs, regs->regs[0]);
audit_syscall_entry(audit_arch(), regs->regs[3],
regs->regs[4], regs->regs[5],
audit_syscall_entry(regs->regs[3], regs->regs[4], regs->regs[5],
regs->regs[6], regs->regs[7]);
return ret ?: regs->regs[0];
......
......@@ -504,20 +504,6 @@ asmlinkage int sh64_ptrace(long request, long pid,
return sys_ptrace(request, pid, addr, data);
}
static inline int audit_arch(void)
{
int arch = EM_SH;
#ifdef CONFIG_64BIT
arch |= __AUDIT_ARCH_64BIT;
#endif
#ifdef CONFIG_CPU_LITTLE_ENDIAN
arch |= __AUDIT_ARCH_LE;
#endif
return arch;
}
asmlinkage long long do_syscall_trace_enter(struct pt_regs *regs)
{
long long ret = 0;
......@@ -536,8 +522,7 @@ asmlinkage long long do_syscall_trace_enter(struct pt_regs *regs)
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
trace_sys_enter(regs, regs->regs[9]);
audit_syscall_entry(audit_arch(), regs->regs[1],
regs->regs[2], regs->regs[3],
audit_syscall_entry(regs->regs[1], regs->regs[2], regs->regs[3],
regs->regs[4], regs->regs[5]);
return ret ?: regs->regs[9];
......
......@@ -1076,13 +1076,8 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs)
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
trace_sys_enter(regs, regs->u_regs[UREG_G1]);
audit_syscall_entry((test_thread_flag(TIF_32BIT) ?
AUDIT_ARCH_SPARC :
AUDIT_ARCH_SPARC64),
regs->u_regs[UREG_G1],
regs->u_regs[UREG_I0],
regs->u_regs[UREG_I1],
regs->u_regs[UREG_I2],
audit_syscall_entry(regs->u_regs[UREG_G1], regs->u_regs[UREG_I0],
regs->u_regs[UREG_I1], regs->u_regs[UREG_I2],
regs->u_regs[UREG_I3]);
return ret;
......
......@@ -165,8 +165,7 @@ static void send_sigtrap(struct task_struct *tsk, struct uml_pt_regs *regs,
*/
void syscall_trace_enter(struct pt_regs *regs)
{
audit_syscall_entry(HOST_AUDIT_ARCH,
UPT_SYSCALL_NR(&regs->regs),
audit_syscall_entry(UPT_SYSCALL_NR(&regs->regs),
UPT_SYSCALL_ARG1(&regs->regs),
UPT_SYSCALL_ARG2(&regs->regs),
UPT_SYSCALL_ARG3(&regs->regs),
......
......@@ -1488,15 +1488,11 @@ long syscall_trace_enter(struct pt_regs *regs)
trace_sys_enter(regs, regs->orig_ax);
if (IS_IA32)
audit_syscall_entry(AUDIT_ARCH_I386,
regs->orig_ax,
regs->bx, regs->cx,
audit_syscall_entry(regs->orig_ax, regs->bx, regs->cx,
regs->dx, regs->si);
#ifdef CONFIG_X86_64
else
audit_syscall_entry(AUDIT_ARCH_X86_64,
regs->orig_ax,
regs->di, regs->si,
audit_syscall_entry(regs->orig_ax, regs->di, regs->si,
regs->dx, regs->r10);
#endif
......
......@@ -47,8 +47,6 @@ struct user_desc;
#ifdef CONFIG_X86_32
#define HOST_AUDIT_ARCH AUDIT_ARCH_I386
extern int ptrace_get_thread_area(struct task_struct *child, int idx,
struct user_desc __user *user_desc);
......@@ -57,8 +55,6 @@ extern int ptrace_set_thread_area(struct task_struct *child, int idx,
#else
#define HOST_AUDIT_ARCH AUDIT_ARCH_X86_64
#define PT_REGS_R8(r) UPT_R8(&(r)->regs)
#define PT_REGS_R9(r) UPT_R9(&(r)->regs)
#define PT_REGS_R10(r) UPT_R10(&(r)->regs)
......
......@@ -342,7 +342,7 @@ void do_syscall_trace_enter(struct pt_regs *regs)
do_syscall_trace();
#if 0
audit_syscall_entry(current, AUDIT_ARCH_XTENSA..);
audit_syscall_entry(...);
#endif
}
......
......@@ -26,6 +26,7 @@
#include <linux/sched.h>
#include <linux/ptrace.h>
#include <uapi/linux/audit.h>
#include <asm/syscall.h>
struct audit_sig_info {
uid_t uid;
......@@ -141,12 +142,12 @@ static inline void audit_free(struct task_struct *task)
if (unlikely(task->audit_context))
__audit_free(task);
}
static inline void audit_syscall_entry(int arch, int major, unsigned long a0,
static inline void audit_syscall_entry(int major, unsigned long a0,
unsigned long a1, unsigned long a2,
unsigned long a3)
{
if (unlikely(current->audit_context))
__audit_syscall_entry(arch, major, a0, a1, a2, a3);
__audit_syscall_entry(syscall_get_arch(), major, a0, a1, a2, a3);
}
static inline void audit_syscall_exit(void *pt_regs)
{
......@@ -322,7 +323,7 @@ static inline int audit_alloc(struct task_struct *task)
}
static inline void audit_free(struct task_struct *task)
{ }
static inline void audit_syscall_entry(int arch, int major, unsigned long a0,
static inline void audit_syscall_entry(int major, unsigned long a0,
unsigned long a1, unsigned long a2,
unsigned long a3)
{ }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册