[libseccomp-discuss] ARM audit, seccomp, etc are broken wrt OABI syscalls
Will Drewry
wad at chromium.org
Wed Nov 6 16:20:44 EST 2013
On Wed, Nov 6, 2013 at 9:51 AM, Russell King - ARM Linux
<linux at arm.linux.org.uk> wrote:
> On Wed, Nov 06, 2013 at 10:32:31AM -0500, Eric Paris wrote:
>> On Tue, 2013-11-05 at 14:36 -0800, Andy Lutomirski wrote:
>> > 1. Set a different audit arch for OABI syscalls (e.g.
>> > AUDIT_ARCH_ARMOABI). That is, treat OABI syscall entries the same way
>> > that x86_64 treats int 80.
>>
>> As the audit maintainer, I like #1. It might break ABI, but the ABI is
>> flat wrong now and not maintainable...
>
> If you read the whole thread, you will see that this corner case is just
> not worth the effort to support. Audit may as well be disabled by
> kernel config if any OABI support is enabled.
This might be the best move for seccomp too (as Kees suggested). I'd
love to have audit arch visibility, but it's not clear that it's worth
any sort of larger changes ...
... like adding a task_thread_info.compat flag that bubbles up to
syscall_get_arch(), or if we assume consumers of syscall_get_nr() are
broken today (I haven't checked), then it would be possible to at
least re-add the 0x900000 bits, if compat, before handing back the
system call number but leave the audit arch pieces alone.
More information about the linux-arm-kernel
mailing list