From b60f6873f5db357aefb8979753cc7f4eb0dff96e Mon Sep 17 00:00:00 2001
From: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Date: Wed, 11 Feb 2015 08:13:56 +0000
Subject: powerpc: Relax secure computing on syscall entry trace

The secure_computing_strict will just force the kernel to panic on
secure_computing failure. Once SECCOMP_FILTER support is enabled in the kernel,
syscalls can be denied without system failure.

v4:
- rebase on top of 3.19

v3,v2: no changes

Upstream-Status: Pending [https://lkml.org/lkml/2015/2/18/53]

Signed-off-by: Bogdan Purcareata <bogdan.purcareata@freescale.com>
Change-Id: Icd077291db86657edce29b8079696fc8e48e554e
Reviewed-on: http://git.am.freescale.net:8181/33031
Tested-by: Honghua Yin <Hong-Hua.Yin@freescale.com>
Reviewed-by: Honghua Yin <Hong-Hua.Yin@freescale.com>

diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c
index ed1f0fb..f4755cf 100644
--- a/arch/powerpc/kernel/ptrace.c
+++ b/arch/powerpc/kernel/ptrace.c
@@ -1772,7 +1772,9 @@ long do_syscall_trace_enter(struct pt_regs *regs)
 
 	user_exit();
 
-	secure_computing_strict(regs->gpr[0]);
+	/* Do the secure computing check first; failures should be fast. */
+	if (secure_computing() == -1)
+		return -1L;
 
 	if (test_thread_flag(TIF_SYSCALL_TRACE) &&
 	    tracehook_report_syscall_entry(regs)) {
-- 
cgit v0.10.2