From c90f06943e05519a87140dc407cf589c220aeedf Mon Sep 17 00:00:00 2001 From: Helge Deller Date: Wed, 27 Aug 2014 14:39:56 +0200 Subject: parisc: Wire up seccomp, getrandom and memfd_create syscalls With secure computing we only support the SECCOMP_MODE_STRICT mode for now. Signed-off-by: Helge Deller --- arch/parisc/kernel/ptrace.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'arch/parisc/kernel/ptrace.c') diff --git a/arch/parisc/kernel/ptrace.c b/arch/parisc/kernel/ptrace.c index e842ee233db4..3bab72462ab5 100644 --- a/arch/parisc/kernel/ptrace.c +++ b/arch/parisc/kernel/ptrace.c @@ -270,6 +270,12 @@ long do_syscall_trace_enter(struct pt_regs *regs) { long ret = 0; + /* Do the secure computing check first. */ + if (secure_computing(regs->gr[20])) { + /* seccomp failures shouldn't expose any additional code. */ + return -1; + } + if (test_thread_flag(TIF_SYSCALL_TRACE) && tracehook_report_syscall_entry(regs)) ret = -1L; -- cgit v1.2.3-55-g7522