summaryrefslogtreecommitdiffstats
path: root/Documentation/features/seccomp (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge tag 'xtensa-20200805' of git://github.com/jcmvbkbc/linux-xtensaLinus Torvalds2020-08-061-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pull Xtensa updates from Max Filippov: - add syscall audit support - add seccomp filter support - clean up make rules under arch/xtensa/boot - fix state management for exclusive access opcodes - fix build with PMU enabled * tag 'xtensa-20200805' of git://github.com/jcmvbkbc/linux-xtensa: xtensa: add missing exclusive access state management xtensa: fix xtensa_pmu_setup prototype xtensa: add boot subdirectories build artifacts to 'targets' xtensa: add uImage and xipImage to targets xtensa: move vmlinux.bin[.gz] to boot subdirectory xtensa: initialize_mmu.h: fix a duplicated word selftests/seccomp: add xtensa support xtensa: add seccomp support xtensa: expose syscall through user_pt_regs xtensa: add audit support
| * xtensa: add seccomp supportMax Filippov2020-07-281-1/+1
| | | | | | | | | | | | | | Add SECCOMP to xtensa Kconfig, select HAVE_ARCH_SECCOMP_FILTER, add TIF_SECCOMP and call secure_computing from do_syscall_trace_enter. Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
* | arch: remove unicore32 portMike Rapoport2020-07-011-1/+0
|/ | | | | | | | | | | | | | | | | | | The unicore32 port do not seem maintained for a long time now, there is no upstream toolchain that can create unicore32 binaries and all the links to prebuilt toolchains for unicore32 are dead. Even compilers that were available are not supported by the kernel anymore. Guenter Roeck says: I have stopped building unicore32 images since v4.19 since there is no available compiler that is still supported by the kernel. I am surprised that support for it has not been removed from the kernel. Remove unicore32 port. Signed-off-by: Mike Rapoport <rppt@linux.ibm.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Acked-by: Guenter Roeck <linux@roeck-us.net>
* Documentation/features: Refresh the arch support status filesBjörn Töpel2020-05-251-1/+1
| | | | | | | | | | | | I was manually editing the arch-support.txt for eBPF-JIT, when I realized the refresh script [1] has not been run for a while. Let's fix that, so that the entries are more up-to-date. [1] Documentation/features/scripts/features-refresh.sh Signed-off-by: Björn Töpel <bjorn.topel@gmail.com> Link: https://lore.kernel.org/r/20200523191135.21889-1-bjorn.topel@gmail.com Signed-off-by: Jonathan Corbet <corbet@lwn.net>
* Documentation/features: Add csky kernel featuresGuo Ren2019-01-071-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | core/ cBPF-JIT : TODO | core/ eBPF-JIT : TODO | core/ generic-idle-thread : ok | core/ jump-labels : TODO | core/ tracehook : ok | debug/ KASAN : TODO | debug/ gcov-profile-all : TODO | debug/ kgdb : TODO | debug/ kprobes-on-ftrace : TODO | debug/ kprobes : TODO | debug/ kretprobes : TODO | debug/ optprobes : TODO | debug/ stackprotector : TODO | debug/ uprobes : TODO | debug/ user-ret-profiler : TODO | io/ dma-contiguous : ok | locking/ cmpxchg-local : TODO | locking/ lockdep : TODO | locking/ queued-rwlocks : ok | locking/ queued-spinlocks : TODO | locking/ rwsem-optimized : TODO | perf/ kprobes-event : TODO | perf/ perf-regs : TODO | perf/ perf-stackdump : TODO | sched/ membarrier-sync-core : TODO | sched/ numa-balancing : .. | seccomp/ seccomp-filter : TODO | time/ arch-tick-broadcast : TODO | time/ clockevents : ok | time/ context-tracking : TODO | time/ irq-time-acct : TODO | time/ modern-timekeeping : ok | time/ virt-cpuacct : TODO | vm/ ELF-ASLR : TODO | vm/ PG_uncached : TODO | vm/ THP : .. | vm/ batch-unmap-tlb-flush: TODO | vm/ huge-vmap : TODO | vm/ ioremap_prot : TODO | vm/ numa-memblock : .. | vm/ pte_special : TODO | Signed-off-by: Guo Ren <ren_guo@c-sky.com> Cc: Arnd Bergmann <arnd@arndb.de>
* Documentation/features: Refresh the arch support status files in placeAndrea Parri2018-05-081-2/+4
| | | | | | | | | | | Now that the script 'features-refresh.sh' is available, uses this script to refresh all the arch-support.txt files in place. Signed-off-by: Andrea Parri <andrea.parri@amarulasolutions.com> Cc: Ingo Molnar <mingo@kernel.org> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Jonathan Corbet <corbet@lwn.net>
* Documentation: arch-support: remove obsolete architecturesArnd Bergmann2018-03-261-6/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A number of architecture ports are obsolete and getting dropped, so we no longer want to track the respective features. We already removed the lines for metag and mn10300, this does the same edits for all the others. For the remaining 21 architectures, this shows how many are known to implement each given feature: 19 time/modern-timekeeping/arch-support.txt 19 time/clockevents/arch-support.txt 15 core/tracehook/arch-support.txt 14 core/generic-idle-thread/arch-support.txt 13 locking/lockdep/arch-support.txt 12 io/dma-api-debug/arch-support.txt 11 debug/kgdb/arch-support.txt 10 time/virt-cpuacct/arch-support.txt 9 debug/kretprobes/arch-support.txt 9 debug/kprobes/arch-support.txt 8 vm/THP/arch-support.txt 8 vm/pte_special/arch-support.txt 8 vm/numa-memblock/arch-support.txt 8 io/sg-chain/arch-support.txt 7 perf/kprobes-event/arch-support.txt 7 locking/rwsem-optimized/arch-support.txt 7 debug/gcov-profile-all/arch-support.txt 7 core/jump-labels/arch-support.txt 7 core/BPF-JIT/arch-support.txt 6 vm/ELF-ASLR/arch-support.txt 6 time/context-tracking/arch-support.txt 6 seccomp/seccomp-filter/arch-support.txt 6 debug/stackprotector/arch-support.txt 5 time/irq-time-acct/arch-support.txt 5 io/dma-contiguous/arch-support.txt 5 debug/uprobes/arch-support.txt 4 vm/ioremap_prot/arch-support.txt 4 time/arch-tick-broadcast/arch-support.txt 4 perf/perf-stackdump/arch-support.txt 4 perf/perf-regs/arch-support.txt 3 debug/KASAN/arch-support.txt 2 vm/PG_uncached/arch-support.txt 2 vm/huge-vmap/arch-support.txt 2 sched/numa-balancing/arch-support.txt 2 sched/membarrier-sync-core/arch-support.txt 2 locking/cmpxchg-local/arch-support.txt 2 debug/optprobes/arch-support.txt 2 debug/kprobes-on-ftrace/arch-support.txt 1 vm/TLB/arch-support.txt 1 locking/queued-spinlocks/arch-support.txt 1 locking/queued-rwlocks/arch-support.txt 1 debug/user-ret-profiler/arch-support.txt 0 lib/strncasecmp/arch-support.txt Note that the list does not include riscv or nds32 yet, these still need to be added. Signed-off-by: Arnd Bergmann <arnd@arndb.de>
* mn10300: Remove the architectureDavid Howells2018-03-091-1/+0
| | | | | | | | | | Remove the MN10300 arch as the hardware is defunct. Suggested-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David Howells <dhowells@redhat.com> cc: Masahiro Yamada <yamada.masahiro@socionext.com> cc: linux-am33-list@redhat.com Signed-off-by: Arnd Bergmann <arnd@arndb.de>
* docs: Remove remaining references to metagJames Hogan2018-02-221-1/+0
| | | | | | | | | | Remove any remaining references to the Meta architecture in Documentation/, primarily from Documentation/features/. Signed-off-by: James Hogan <jhogan@kernel.org> Cc: Jonathan Corbet <corbet@lwn.net> Cc: linux-metag@vger.kernel.org Cc: linux-doc@vger.kernel.org
* docs: remove all references to AVR32 architectureHans-Christian Noren Egtvedt2017-05-011-1/+0
| | | | | | | | | | | The AVR32 architecture support has been removed from the Linux kernel, hence remove all references to it from Documentation. Signed-off-by: Hans-Christian Noren Egtvedt <egtvedt@samfundet.no> Signed-off-by: Håvard Skinnemoen <hskinnemoen@gmail.com> Signed-off-by: Nicolas Ferre <nicolas.ferre@microchip.com> Acked-by: Andy Shevchenko <andy.shevchenko@gmail.com> Acked-by: Boris Brezillon <boris.brezillon@free-electrons.com>
* um: Add seccomp supportMickaël Salaün2016-01-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | This brings SECCOMP_MODE_STRICT and SECCOMP_MODE_FILTER support through prctl(2) and seccomp(2) to User-mode Linux for i386 and x86_64 subarchitectures. secure_computing() is called first in handle_syscall() so that the syscall emulation will be aborted quickly if matching a seccomp rule. This is inspired from Meredydd Luff's patch (https://gerrit.chromium.org/gerrit/21425). Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Jeff Dike <jdike@addtoit.com> Cc: Richard Weinberger <richard@nod.at> Cc: Ingo Molnar <mingo@redhat.com> Cc: Kees Cook <keescook@chromium.org> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Will Drewry <wad@chromium.org> Cc: Chris Metcalf <cmetcalf@ezchip.com> Cc: Michael Ellerman <mpe@ellerman.id.au> Cc: James Hogan <james.hogan@imgtec.com> Cc: Meredydd Luff <meredydd@senatehouse.org> Cc: David Drysdale <drysdale@google.com> Signed-off-by: Richard Weinberger <richard@nod.at> Acked-by: Kees Cook <keescook@chromium.org>
* tile: enable full SECCOMP supportChris Metcalf2015-07-301-1/+1
| | | | Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
* Documentation/features/seccomp: Add feature description and arch support ↵Ingo Molnar2015-06-031-0/+40
status file for 'seccomp-filter' Cc: <linux-api@vger.kernel.org> Cc: <linux-arch@vger.kernel.org> Cc: <linux-kernel@vger.kernel.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Josh Triplett <josh@joshtriplett.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@kernel.org>