Package: linux-image-2.6.26-1-amd64
Version: 2.6.26-13
Tags: patch
Severity: important

Linux commit c09249f8d1b84344eca882547afdbffee8c09d14 in v2.6.29-rc4 fixes a bug that is completely breaking glibc's missing syscall detection for i386 binaries on x86_64. This bug affects all kernels between v2.6.26 and v2.6.29-rc3.

One of the symptoms of this bug is that when i386 binaries compiled on newer systems use the popen() call, which attempts to detect the new pipe2() syscall in v2.6.27, the subprocess will output to a random file descriptor (typically stdout) instead of the pipe; see <https://launchpad.net/bugs/339743>. There are likely to be more and more problems as new syscalls get implemented.

I have verified that this patch applies on kernel 2.6.26 and fixes the problem. Please apply it to the Debian kernel.

From c09249f8d1b84344eca882547afdbffee8c09d14 Mon Sep 17 00:00:00 2001
From: Roland McGrath <[email protected]>
Date: Fri, 6 Feb 2009 18:15:18 -0800
Subject: [PATCH] x86-64: fix int $0x80 -ENOSYS return

One of my past fixes to this code introduced a different new bug. When using 32-bit "int $0x80" entry for a bogus syscall number, the return value is not correctly set to -ENOSYS. This only happens when neither syscall-audit nor syscall tracing is enabled (i.e., never seen if auditd ever started).

Test program:

    /* gcc -o int80-badsys -m32 -g int80-badsys.c
       Run on x86-64 kernel.
       Note to reproduce the bug you need auditd never to have started.  */

    #include <errno.h>
    #include <stdio.h>

    int
    main (void)
    {
      long res;
      asm ("int $0x80" : "=a" (res) : "0" (99999));
      printf ("bad syscall returns %ld\n", res);
      return res != -ENOSYS;
    }

The fix makes the int $0x80 path match the sysenter and syscall paths.

Reported-by: Dmitry V. Levin <[email protected]>
Signed-off-by: Roland McGrath <[email protected]>
--- arch/x86/ia32/ia32entry.S | 8 +++++--- 1 files changed, 5 insertions(+), 3 deletions(-) diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S index 256b00b..5a0d76d 100644 --- a/arch/x86/ia32/ia32entry.S +++ b/arch/x86/ia32/ia32entry.S 
@@ -418,9 +418,9 @@ ENTRY(ia32_syscall) orl $TS_COMPAT,TI_status(%r10) testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r10) jnz ia32_tracesys -ia32_do_syscall: cmpl $(IA32_NR_syscalls-1),%eax - ja int_ret_from_sys_call /* ia32_tracesys has set RAX(%rsp) */ + ja ia32_badsys +ia32_do_call: IA32_ARG_FIXUP call *ia32_sys_call_table(,%rax,8) # xxx: rip relative ia32_sysret: @@ -435,7 +435,9 @@ ia32_tracesys: call syscall_trace_enter LOAD_ARGS32 ARGOFFSET /* reload args from stack in case ptrace changed it */ RESTORE_REST - jmp ia32_do_syscall + cmpl $(IA32_NR_syscalls-1),%eax + ja int_ret_from_sys_call /* ia32_tracesys has set RAX(%rsp) */ + jmp ia32_do_call END(ia32_syscall) ia32_badsys: -- 1.6.2-rc2.GIT -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
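
Review bot: In the first hunk (@@ -418,9 +418,9 @@), the new "ja ia32_badsys" has no comment, while the line it replaces explained its target with "ia32_tracesys has set RAX(%rsp)". Add a short comment saying that this untraced path cannot rely on RAX(%rsp) having been set and therefore has to go through ia32_badsys, so that a later cleanup does not fold the two bounds checks back under one shared label. The same hunk renames ia32_do_syscall to ia32_do_call; the only reference visible in this patch is the jmp in the second hunk, so any other user of the old label in the file needs checking.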
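
Review bot: In the second hunk (@@ -435,7 +435,9 @@), the comment that moved along with the ja, "/* ia32_tracesys has set RAX(%rsp) */", now sits inside ia32_tracesys itself and reads as if it referred to some other code path. Reword it to say that RAX(%rsp) was already set earlier in this path. It would also help to note that the cmpl against IA32_NR_syscalls-1 is intentionally duplicated from the untraced path in the first hunk, since the two checks differ only in their ja target.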

