From 4b27c47cf8eddb4153a026e89c7b092598c98b12 Mon Sep 17 00:00:00 2001 From: Paul Mundt Date: Wed, 28 Nov 2007 19:58:11 +0900 Subject: sh: syscall auditing for sh5, too. Signed-off-by: Paul Mundt --- arch/sh/kernel/cpu/sh5/entry.S | 10 ++++++---- arch/sh/kernel/ptrace_64.c | 38 ++++++++++++++++++++++++-------------- 2 files changed, 30 insertions(+), 18 deletions(-) diff --git a/arch/sh/kernel/cpu/sh5/entry.S b/arch/sh/kernel/cpu/sh5/entry.S index 0f65bb4372d..dbf2d768450 100644 --- a/arch/sh/kernel/cpu/sh5/entry.S +++ b/arch/sh/kernel/cpu/sh5/entry.S @@ -942,9 +942,6 @@ ret_with_reschedule: getcon KCR0, r6 ! r6 contains current_thread_info ld.l r6, TI_FLAGS, r7 ! r7 contains current_thread_info->flags - ! FIXME:!!! - ! no handling of TIF_SYSCALL_TRACE yet!! - movi _TIF_NEED_RESCHED, r8 and r8, r7, r8 pta work_resched, tr0 @@ -1280,14 +1277,17 @@ syscall_allowed: getcon KCR0, r2 ld.l r2, TI_FLAGS, r4 - movi (1 << TIF_SYSCALL_TRACE), r6 + movi (_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP | _TIF_SYSCALL_AUDIT), r6 and r6, r4, r6 beq/l r6, ZERO, tr0 /* Trace it by calling syscall_trace before and after */ movi syscall_trace, r4 + or SP, ZERO, r2 + or ZERO, ZERO, r3 ptabs r4, tr0 blink tr0, LINK + /* Reload syscall number as r5 is trashed by syscall_trace */ ld.q SP, FRAME_S(FSYSCALL_ID), r5 andi r5, 0x1ff, r5 @@ -1321,6 +1321,8 @@ syscall_ret_trace: st.q SP, FRAME_R(9), r2 /* Save return value */ movi syscall_trace, LINK + or SP, ZERO, r2 + movi 1, r3 ptabs LINK, tr0 blink tr0, LINK diff --git a/arch/sh/kernel/ptrace_64.c b/arch/sh/kernel/ptrace_64.c index e9cc6ebd2ce..f6fbdfa6876 100644 --- a/arch/sh/kernel/ptrace_64.c +++ b/arch/sh/kernel/ptrace_64.c @@ -1,12 +1,8 @@ /* - * This file is subject to the terms and conditions of the GNU General Public - * License. See the file "COPYING" in the main directory of this archive - * for more details. - * - * arch/sh64/kernel/ptrace.c + * arch/sh/kernel/ptrace_64.c * * Copyright (C) 2000, 2001 Paolo Alberelli - * Copyright (C) 2003 Paul Mundt + * Copyright (C) 2003 - 2007 Paul Mundt * * Started from SH3/4 version: * SuperH version: Copyright (C) 1999, 2000 Kaz Kojima & Niibe Yutaka @@ -15,8 +11,10 @@ * By Ross Biro 1/23/92 * edited by Linus Torvalds * + * This file is subject to the terms and conditions of the GNU General Public + * License. See the file "COPYING" in the main directory of this archive + * for more details. */ - #include #include #include @@ -28,7 +26,7 @@ #include #include #include - +#include #include #include #include @@ -274,17 +272,23 @@ asmlinkage int sh64_ptrace(long request, long pid, long addr, long data) return sys_ptrace(request, pid, addr, data); } -asmlinkage void syscall_trace(void) +asmlinkage void syscall_trace(struct pt_regs *regs, int entryexit) { struct task_struct *tsk = current; - if (!test_thread_flag(TIF_SYSCALL_TRACE)) - return; + if (unlikely(current->audit_context) && entryexit) + audit_syscall_exit(AUDITSC_RESULT(regs->regs[9]), + regs->regs[9]); + + if (!test_thread_flag(TIF_SYSCALL_TRACE) && + !test_thread_flag(TIF_SINGLESTEP)) + goto out; if (!(tsk->ptrace & PT_PTRACED)) - return; + goto out; + + ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD) && + !test_thread_flag(TIF_SINGLESTEP) ? 0x80 : 0)); - ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD) - ? 0x80 : 0)); /* * this isn't the same as continuing with a signal, but it will do * for normal use. strace only continues with a signal if the @@ -294,6 +298,12 @@ asmlinkage void syscall_trace(void) send_sig(tsk->exit_code, tsk, 1); tsk->exit_code = 0; } + +out: + if (unlikely(current->audit_context) && !entryexit) + audit_syscall_entry(AUDIT_ARCH_SH, regs->regs[1], + regs->regs[2], regs->regs[3], + regs->regs[4], regs->regs[5]); } /* Called with interrupts disabled */ -- cgit v1.2.3-18-g5258