Re: [PATCH] arm64: Mirror arm for small unimplemented compat syscalls

Thu, 03 Jan 2019 08:52:45 -0800 

On Thu, Jan 03, 2019 at 11:50:12AM +0000, Dave Martin wrote:
> On Thu, Jan 03, 2019 at 03:45:47PM +0800, Pi-Hsun Shih wrote:
> > For syscall number smaller than 0xf0000, arm calls sys_ni_syscall
> > instead of arm_syscall in arch/arm/kernel/entry-common.S, which returns
> > -ENOSYS instead of raising SIGILL. Mirror this behavior for compat
> > syscalls in arm64.
> > 
> > Fixes: 532826f3712b607 ("arm64: Mirror arm for unimplemented compat
> > syscalls")
> > Signed-off-by: Pi-Hsun Shih <pih...@chromium.org>
> > ---
> >  arch/arm64/kernel/syscall.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c
> > index 8f3371415642ad..95fd8c7ec8a171 100644
> > --- a/arch/arm64/kernel/syscall.c
> > +++ b/arch/arm64/kernel/syscall.c
> > @@ -21,7 +21,7 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs)
> >  {
> >  #ifdef CONFIG_COMPAT
> >     long ret;
> > -   if (is_compat_task()) {
> > +   if (is_compat_task() && regs->regs[7] >= __ARM_NR_COMPAT_BASE) {
> 
> compat_arm_syscall() ignores all bits r7 except for bits [15:0].
> 
> So, doesn't this mean that 0xf0000, 0x100000, 0x110000 will all do the
> same thing now?  (Previously to your patch, 0xe0000, 0xd0000 etc. would
> also match in this code I've misunderstood something.)
> 
> The gating check in arch/arm/kernel/trapc.s:arm_syscall() is
> 
>       if ((no >> 16) != (__ARM_NR_BASE>> 16))
> 
> I would expect that arm64 needs a similar check somewhere.  Is the check
> already present?  I may have missed it.

When not using OABI, __ARM_NR_BASE is zero, so I think the 32-bit semantics
for non-OABI are:

        0       - 399           : Invoke syscall via syscall table
        400     - 0xeffff       : -ENOSYS (to be allocated in future)
        0xf0000 - 0xfffff       : Private syscall or -ENOSYS if not allocated
        > 0xfffff               : SIGILL

so for arm64 compat, we need to do the following:

        1. Ensure we only SIGILL for that last region
        2. Don't pull the syscall number directly from pt_regs, since it
           may have been changed by a tracer
        3. Hook up compat_sys_io_pgetevents

Patches incoming...

Will

Reply via email to