Commit a5662e4d authored by Tycho Andersen's avatar Tycho Andersen Committed by Kees Cook

seccomp: switch system call argument type to void *

The const qualifier causes problems for any code that wants to write to the
third argument of the seccomp syscall, as we will do in a future patch in
this series.

The third argument to the seccomp syscall is documented as void *, so
rather than just dropping the const, let's switch everything to use void *
as well.

I believe this is safe because of 1. the documentation above, 2. there's no
real type information exported about syscalls anywhere besides the man
pages.
Signed-off-by: default avatarTycho Andersen <tycho@tycho.ws>
CC: Kees Cook <keescook@chromium.org>
CC: Andy Lutomirski <luto@amacapital.net>
CC: Oleg Nesterov <oleg@redhat.com>
CC: Eric W. Biederman <ebiederm@xmission.com>
CC: "Serge E. Hallyn" <serge@hallyn.com>
Acked-by: default avatarSerge Hallyn <serge@hallyn.com>
CC: Christian Brauner <christian@brauner.io>
CC: Tyler Hicks <tyhicks@canonical.com>
CC: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
parent db511391
...@@ -43,7 +43,7 @@ extern void secure_computing_strict(int this_syscall); ...@@ -43,7 +43,7 @@ extern void secure_computing_strict(int this_syscall);
#endif #endif
extern long prctl_get_seccomp(void); extern long prctl_get_seccomp(void);
extern long prctl_set_seccomp(unsigned long, char __user *); extern long prctl_set_seccomp(unsigned long, void __user *);
static inline int seccomp_mode(struct seccomp *s) static inline int seccomp_mode(struct seccomp *s)
{ {
......
...@@ -879,7 +879,7 @@ asmlinkage long sys_renameat2(int olddfd, const char __user *oldname, ...@@ -879,7 +879,7 @@ asmlinkage long sys_renameat2(int olddfd, const char __user *oldname,
int newdfd, const char __user *newname, int newdfd, const char __user *newname,
unsigned int flags); unsigned int flags);
asmlinkage long sys_seccomp(unsigned int op, unsigned int flags, asmlinkage long sys_seccomp(unsigned int op, unsigned int flags,
const char __user *uargs); void __user *uargs);
asmlinkage long sys_getrandom(char __user *buf, size_t count, asmlinkage long sys_getrandom(char __user *buf, size_t count,
unsigned int flags); unsigned int flags);
asmlinkage long sys_memfd_create(const char __user *uname_ptr, unsigned int flags); asmlinkage long sys_memfd_create(const char __user *uname_ptr, unsigned int flags);
......
...@@ -924,7 +924,7 @@ static long seccomp_get_action_avail(const char __user *uaction) ...@@ -924,7 +924,7 @@ static long seccomp_get_action_avail(const char __user *uaction)
/* Common entry point for both prctl and syscall. */ /* Common entry point for both prctl and syscall. */
static long do_seccomp(unsigned int op, unsigned int flags, static long do_seccomp(unsigned int op, unsigned int flags,
const char __user *uargs) void __user *uargs)
{ {
switch (op) { switch (op) {
case SECCOMP_SET_MODE_STRICT: case SECCOMP_SET_MODE_STRICT:
...@@ -944,7 +944,7 @@ static long do_seccomp(unsigned int op, unsigned int flags, ...@@ -944,7 +944,7 @@ static long do_seccomp(unsigned int op, unsigned int flags,
} }
SYSCALL_DEFINE3(seccomp, unsigned int, op, unsigned int, flags, SYSCALL_DEFINE3(seccomp, unsigned int, op, unsigned int, flags,
const char __user *, uargs) void __user *, uargs)
{ {
return do_seccomp(op, flags, uargs); return do_seccomp(op, flags, uargs);
} }
...@@ -956,10 +956,10 @@ SYSCALL_DEFINE3(seccomp, unsigned int, op, unsigned int, flags, ...@@ -956,10 +956,10 @@ SYSCALL_DEFINE3(seccomp, unsigned int, op, unsigned int, flags,
* *
* Returns 0 on success or -EINVAL on failure. * Returns 0 on success or -EINVAL on failure.
*/ */
long prctl_set_seccomp(unsigned long seccomp_mode, char __user *filter) long prctl_set_seccomp(unsigned long seccomp_mode, void __user *filter)
{ {
unsigned int op; unsigned int op;
char __user *uargs; void __user *uargs;
switch (seccomp_mode) { switch (seccomp_mode) {
case SECCOMP_MODE_STRICT: case SECCOMP_MODE_STRICT:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment