Skip to content

Commit ef1a935

Browse files
jcmvbkbcjcmvbkbc
committed
xtensa: add audit support
All bits needed for syscall audit are present on xtensa. Add audit_syscall_entry and audit_syscall_exit calls and select HAVE_ARCH_AUDITSYSCALL in Kconfig. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
1 parent 92ed301 commit ef1a935

3 files changed

Lines changed: 10 additions & 1 deletion

File tree

arch/xtensa/Kconfig

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ config XTENSA
2121
select GENERIC_PCI_IOMAP
2222
select GENERIC_SCHED_CLOCK
2323
select GENERIC_STRNCPY_FROM_USER if KASAN
24+
select HAVE_ARCH_AUDITSYSCALL
2425
select HAVE_ARCH_JUMP_LABEL if !XIP_KERNEL
2526
select HAVE_ARCH_KASAN if MMU && !XIP_KERNEL
2627
select HAVE_ARCH_TRACEHOOK

arch/xtensa/include/asm/thread_info.h

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -111,15 +111,17 @@ static inline struct thread_info *current_thread_info(void)
111111
#define TIF_RESTORE_SIGMASK 6 /* restore signal mask in do_signal() */
112112
#define TIF_NOTIFY_RESUME 7 /* callback before returning to user */
113113
#define TIF_DB_DISABLED 8 /* debug trap disabled for syscall */
114+
#define TIF_SYSCALL_AUDIT 9 /* syscall auditing active */
114115

115116
#define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE)
116117
#define _TIF_SIGPENDING (1<<TIF_SIGPENDING)
117118
#define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED)
118119
#define _TIF_SINGLESTEP (1<<TIF_SINGLESTEP)
119120
#define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT)
121+
#define _TIF_SYSCALL_AUDIT (1<<TIF_SYSCALL_AUDIT)
120122

121123
#define _TIF_WORK_MASK (_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP | \
122-
_TIF_SYSCALL_TRACEPOINT)
124+
_TIF_SYSCALL_TRACEPOINT | _TIF_SYSCALL_AUDIT)
123125

124126
#define THREAD_SIZE KERNEL_STACK_SIZE
125127
#define THREAD_SIZE_ORDER (KERNEL_STACK_SHIFT - PAGE_SHIFT)

arch/xtensa/kernel/ptrace.c

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
* Marc Gauthier<marc@tensilica.com> <marc@alumni.uwaterloo.ca>
1313
*/
1414

15+
#include <linux/audit.h>
1516
#include <linux/errno.h>
1617
#include <linux/hw_breakpoint.h>
1718
#include <linux/kernel.h>
@@ -562,13 +563,18 @@ int do_syscall_trace_enter(struct pt_regs *regs)
562563
if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
563564
trace_sys_enter(regs, syscall_get_nr(current, regs));
564565

566+
audit_syscall_entry(regs->syscall, regs->areg[6],
567+
regs->areg[3], regs->areg[4],
568+
regs->areg[5]);
565569
return 1;
566570
}
567571

568572
void do_syscall_trace_leave(struct pt_regs *regs)
569573
{
570574
int step;
571575

576+
audit_syscall_exit(regs);
577+
572578
if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
573579
trace_sys_exit(regs, regs_return_value(regs));
574580

0 commit comments

Comments
 (0)