On Tue, Nov 10, 2020 at 05:26:38PM +0000, Catalin Marinas wrote: > On Tue, Oct 27, 2020 at 05:19:59PM -0700, Kees Cook wrote: > > To enable seccomp constant action bitmaps, we need to have a static > > mapping to the audit architecture and system call table size. Add these > > for arm64. > > > > Signed-off-by: Kees Cook <keesc...@chromium.org> > > --- > > arch/arm64/include/asm/seccomp.h | 15 +++++++++++++++ > > 1 file changed, 15 insertions(+) > > > > diff --git a/arch/arm64/include/asm/seccomp.h > > b/arch/arm64/include/asm/seccomp.h > > index c36387170936..40f325e7a404 100644 > > --- a/arch/arm64/include/asm/seccomp.h > > +++ b/arch/arm64/include/asm/seccomp.h > > @@ -19,4 +19,19 @@ > > > > #include <asm-generic/seccomp.h> > > > > +#ifdef CONFIG_ARM64 > > +# define SECCOMP_ARCH_NATIVE AUDIT_ARCH_AARCH64 > > +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls > > +# define SECCOMP_ARCH_NATIVE_NAME "arm64" > > "aarch64"? (to match ELF_PLATFORM; not sure what this is used for as > SECCOMP_ARCH_NATIVE_NAME is not defined in 5.10-rc3)
Ah yes, I was thinking of the arch/arm64 name. :) I will fix this. > > > +# ifdef CONFIG_COMPAT > > +# define SECCOMP_ARCH_COMPAT AUDIT_ARCH_ARM > > +# define SECCOMP_ARCH_COMPAT_NR __NR_compat_syscalls > > +# define SECCOMP_ARCH_COMPAT_NAME "arm" > > +# endif > > +#else /* !CONFIG_ARM64 */ > > +# define SECCOMP_ARCH_NATIVE AUDIT_ARCH_ARM > > +# define SECCOMP_ARCH_NATIVE_NR NR_syscalls > > +# define SECCOMP_ARCH_NATIVE_NAME "arm" > > +#endif > > Why do we need a !CONFIG_ARM64 in an arm64 header file? Heh, again, sorry -- I'm so used to the 32/64 being combined as I did the other architectures. I'll fix this too. Thanks! -- Kees Cook
