diff options
| author | Nathan Lynch <nathanl@linux.ibm.com> | 2023-12-12 11:01:52 -0600 |
|---|---|---|
| committer | Michael Ellerman <mpe@ellerman.id.au> | 2023-12-13 21:38:20 +1100 |
| commit | e7582edb78619abb4ebf0a6e1fed125dcd7243b6 (patch) | |
| tree | 528aaa30585c843a03e7c2a38c4b069aed070901 /tools/perf/scripts/python/syscall-counts-by-pid.py | |
| parent | 9592aa5ad59e736727fe7894e6e820e2d851abcf (diff) | |
powerpc/rtas: Move token validation from block_rtas_call() to sys_rtas()
The rtas system call handler sys_rtas() delegates certain input
validation steps to a helper function: block_rtas_call(). One of these
steps ensures that the user-supplied token value maps to a known RTAS
function. This is done by performing a "reverse" token-to-function
lookup via rtas_token_to_function_untrusted() to obtain an
rtas_function object.
In changes to come, sys_rtas() itself will need the function
descriptor for the token. To prepare:
* Move the lookup and validation up into sys_rtas() and pass the
resulting rtas_function pointer to block_rtas_call(), which is
otherwise unconcerned with the token value.
* Change block_rtas_call() to report the RTAS function name instead of
the token value on validation failures, since it can now rely on
having a valid function descriptor.
One behavior change is that sys_rtas() now silently errors out when
passed a bad token, before calling block_rtas_call(). So we will no
longer log "RTAS call blocked - exploit attempt?" on invalid
tokens. This is consistent with how sys_rtas() currently handles other
"metadata" (nargs and nret), while block_rtas_call() is primarily
concerned with validating the arguments to be passed to specific RTAS
functions.
Signed-off-by: Nathan Lynch <nathanl@linux.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://msgid.link/20231212-papr-sys_rtas-vs-lockdown-v6-5-e9eafd0c8c6c@linux.ibm.com
Diffstat (limited to 'tools/perf/scripts/python/syscall-counts-by-pid.py')
0 files changed, 0 insertions, 0 deletions