Hello,

there is yet another bug identified.

When the initial syscall number is -1 the new condition bypasses setting
the ENOSYS below in if (unlikely(r0 >= NR_syscalls)) and returns 0.

perl -MPOSIX -e '$!=0; my $r = syscall(-1, 0); print "ret=$r errno=".($!+0)." ($!)\n"'

Normally the result is

ret=-1 errno=38 (Function not implemented)

but with this patch the result is

ret=0 errno=0 ()

fixup below.

On Wed, Jun 24, 2026 at 10:45:20PM +0530, Mukesh Kumar Chaurasiya (IBM) wrote:
> After enabling GENERIC_ENTRY on PowerPC, seccomp filters using
> SCMP_ACT_ERRNO without an explicit errnoRet value return ENOSYS
> (Function not implemented) instead of the expected EPERM (Operation
> not permitted).
> 
> The issue occurs in system_call_exception() when
> syscall_enter_from_user_mode() returns -1 to indicate the syscall should
> be skipped (e.g., blocked by seccomp). The current code treats this -1 as
> a syscall number and compares it against NR_syscalls. Since -1 (when cast
> to unsigned long) is greater than NR_syscalls, the code incorrectly
> returns -ENOSYS, overwriting the errno that seccomp already set via
> syscall_set_return_value().
> 
> The generic entry code in syscall_trace_enter() calls __secure_computing(),
> which sets the appropriate errno in regs->gpr[3] and returns -1 to signal
> that the syscall should be skipped. However, the PowerPC syscall handler
> was not checking for this -1 return value before validating the syscall
> number.
> 
> Fix this by explicitly checking if syscall_enter_from_user_mode() returns
> -1 and returning the value already set in regs->gpr[3] (the errno from
> seccomp) before performing the syscall number validation.
> 
> This aligns PowerPC's behavior with other architectures using GENERIC_ENTRY
> and restores correct seccomp errno handling.
> 
> Fixes: bee25f97ad24 ("powerpc: Enable GENERIC_ENTRY feature")
> Reported-by: Michal Suchánek <[email protected]>
> Signed-off-by: Mukesh Kumar Chaurasiya (IBM) <[email protected]>
> ---
>  arch/powerpc/kernel/syscall.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/arch/powerpc/kernel/syscall.c b/arch/powerpc/kernel/syscall.c
> index a9da2af6efa8..5b58c8d396c8 100644
> --- a/arch/powerpc/kernel/syscall.c
> +++ b/arch/powerpc/kernel/syscall.c
> @@ -22,6 +22,10 @@ notrace long system_call_exception(struct pt_regs *regs, 
> unsigned long r0)
        unsigned long r0_initial = r0;
>       add_random_kstack_offset();
>       r0 = syscall_enter_from_user_mode(regs, r0);
>  
> +     /* Seccomp or ptrace may have set return value, skip syscall */
> +     if (unlikely(r0 == -1L)
                                && (r0_initial != -1L))
> +             return regs->gpr[3];
> +
>       if (unlikely(r0 >= NR_syscalls)) {
>               if (unlikely(trap_is_unsupported_scv(regs))) {
>                       /* Unsupported scv vector */
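
Review bot: With the fixup's `&& (r0_initial != -1L)` guard, a call that enters with r0 == -1 and is then skipped by seccomp or ptrace no longer takes the early return, so it falls through to `if (unlikely(r0 >= NR_syscalls))` and the value already placed in regs->gpr[3] is replaced by -ENOSYS, which is the overwrite the commit message sets out to fix. The returned -1 serves both as the skip signal and as a possible user-supplied number, so the two cases cannot be told apart from r0 alone; either state in the comment that syscall(-1) under a filter still yields ENOSYS by design, or detect the skip in a way that does not depend on the initial number. The comment above the check should also say why r0_initial is compared.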

Thanks

Michal
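
The three behaviours discussed in this thread (before the patch, with the patch, with the patch plus the fixup), as a userspace C model added here as an example; it is not kernel code and not part of the patch or the fixup. The names `model_syscall` and `enter`, the `NR_SYSCALLS` value of 512 and the syscall number 20 are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdio.h>

#define NR_SYSCALLS 512UL /* assumed bound standing in for NR_syscalls */

enum variant { ORIGINAL, PATCHED, PATCHED_WITH_FIXUP };

/* Model of syscall_enter_from_user_mode(): a filter that skips the call
 * stores -errno in gpr[3] and returns -1; otherwise r0 passes through. */
static unsigned long enter(unsigned long r0, int skip_errno, long *gpr3)
{
    if (skip_errno) {
        *gpr3 = -skip_errno;
        return -1UL;
    }
    return r0;
}

/* Model of the checks in system_call_exception() shown in the hunk.
 * arg0 is the first syscall argument, which shares gpr[3] with the result. */
long model_syscall(enum variant v, unsigned long r0, long arg0, int skip_errno)
{
    unsigned long r0_initial = r0;
    long gpr3 = arg0;

    r0 = enter(r0, skip_errno, &gpr3);
    if (v == PATCHED && r0 == -1UL)
        return gpr3;
    if (v == PATCHED_WITH_FIXUP && r0 == -1UL && r0_initial != -1UL)
        return gpr3;
    if (r0 >= NR_SYSCALLS)
        return -ENOSYS;
    return 0; /* stand-in for dispatching a valid syscall */
}

int main(void)
{
    static const char *name[] = { "original", "patched", "patched+fixup" };

    for (int v = ORIGINAL; v <= PATCHED_WITH_FIXUP; v++)
        printf("%-14s filtered nr=20: %ld  syscall(-1, 0): %ld  filtered syscall(-1): %ld\n",
               name[v],
               model_syscall(v, 20, 0, EPERM),
               model_syscall(v, -1UL, 0, 0),
               model_syscall(v, -1UL, 0, EPERM));
    return 0;
}
```

The last column is the case where the initial number is -1 and a filter also skips the call; in this model the fixup variant reports -ENOSYS there.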
