aboutsummaryrefslogtreecommitdiff
path: root/arch/s390/kernel/ptrace.c
diff options
context:
space:
mode:
authorHeiko Carstens <heiko.carstens@de.ibm.com>2012-07-31 15:37:13 +0200
committerMartin Schwidefsky <schwidefsky@de.ibm.com>2012-08-08 07:32:56 -0700
commitc63cb468f373f479ff52b4a1b75f8ecdeaaf4f16 (patch)
treec89dce49ad36350db1eb224a130a183958f66161 /arch/s390/kernel/ptrace.c
parente206d3da58803de5cd38dc728f6da5221ec18ab0 (diff)
s390/seccomp: add support for system call filtering using BPF
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Diffstat (limited to 'arch/s390/kernel/ptrace.c')
-rw-r--r--arch/s390/kernel/ptrace.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/arch/s390/kernel/ptrace.c b/arch/s390/kernel/ptrace.c
index f4eb37680b9..e4be113fbac 100644
--- a/arch/s390/kernel/ptrace.c
+++ b/arch/s390/kernel/ptrace.c
@@ -719,7 +719,11 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
long ret = 0;
/* Do the secure computing check first. */
- secure_computing_strict(regs->gprs[2]);
+ if (secure_computing(regs->gprs[2])) {
+ /* seccomp failures shouldn't expose any additional code. */
+ ret = -1;
+ goto out;
+ }
/*
* The sysc_tracesys code in entry.S stored the system
@@ -745,6 +749,7 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
regs->gprs[2], regs->orig_gpr2,
regs->gprs[3], regs->gprs[4],
regs->gprs[5]);
+out:
return ret ?: regs->gprs[2];
}