CHROMIUM: seccomp: set -ENOSYS if there is no tracer

[Will attempt to add to -next, but this may need to wait until there is a motivating usecase, like ARM, since x86 does the right thing already.] On some arches, -ENOSYS is not set as the default system call return value. This means that a skipped or invalid system call does not yield this response. That behavior is not inline with the stated ABI of seccomp filter. To that end, we ensure we set that value here to avoid arch idiosyncrasies. Signed-off-by: Will Drewry <wad@chromium.org> TEST=tegra2_kaen; boot, strace works, seccomp testsuite trace tests pass BUG=chromium-os:27878 Change-Id: I03a5e633d2fbb5d3d3cc33c067b2887068364c17 Reviewed-on: https://gerrit.chromium.org/gerrit/21337 Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Will Drewry <wad@chromium.org> Tested-by: Will Drewry <wad@chromium.org> Signed-off-by: Sasha Levitskiy <sanek@google.com>
2012-04-27 11:25:30 -05:00 · 2012-04-27 11:25:30 -05:00 · 447e37ff28
parent c611bc8428
commit 447e37ff28
1 changed files with 5 additions and 1 deletions
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@ -413,8 +413,12 @@ int __secure_computing(int this_syscall)
 			goto skip;
 		case SECCOMP_RET_TRACE:
 			/* Skip these calls if there is no tracer. */
-			if (!ptrace_event_enabled(current, PTRACE_EVENT_SECCOMP))
+			if (!ptrace_event_enabled(current, PTRACE_EVENT_SECCOMP)) {
+				/* Make sure userspace sees an ENOSYS. */
+				syscall_set_return_value(current,
+					task_pt_regs(current), -ENOSYS, 0);
 				goto skip;
+			}
 			/* Allow the BPF to provide the event message */
 			ptrace_event(PTRACE_EVENT_SECCOMP, data);
 			/*