So, s390x ptrace does allow to set the syscall and return code as long
as it sets the return code at exit time.
However, when using seccomp SECCOMP_RET_TRACE, there is no possibility
to change it at exit time (by doing a ptrace after SECCOMP_RET_TRACE
stops the process). It only happens at entry time. Then, either the
syscall or return value could be set. This is aggravated by the fact
that when seccomp checks for an invalid syscall in order to skip
executing it, it checks for int_code, which cannot be changed by ptrace.
This is probably something that could be reviewed, however.
Without the code change that led to this test regression, the test sets
gpr[2] twice, once for the syscall number, then for the return value.
That return value was being used later on as the return code as it was
an invalid syscall number, which made the test accidentally work.
Now, instead, ENOSYS is returned, and the test fails.
One regression, however, that this patch causes (but not on 4.15), is
that when seccomp returns failure because of a signal, the
signal_restart should not be skipped, but it is. This causes a test
(that we don't currently run) to fail on 5.4, but that is not a
regression and has been like that on 5.4 since forever.
Upstream has changed the entry code for a common code, which should not
have this bug. That needs to be verified, though. Then, a different fix
should be applied to our earlier kernels, like this one:
@@ -905,7 +905,7 @@ asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
sd.args[5] = regs->gprs[7] & mask;
if (__secure_computing() == -1)
- goto skip;
+ return -1;
}
#endif /* CONFIG_SECCOMP */
Then, seccomp_bpf can be run just fine on 5.8, for example. 5.4 possibly
needs one small fix for s390x to work, instead of the very large
patchset I thought was needed.
That would be:
commit 4bae85b620dc1f7aa4d2338b923d9d9b394b58c4
Author: Sven Schnelle
Date: Mon Mar 9 16:56:53 2020 +0100
selftests/seccomp: s390 shares the syscall and return value register
s390 cannot set syscall number and reture code at the same time,
so set the appropriate flag to indicate it.
Signed-off-by: Sven Schnelle
Signed-off-by: Vasily Gorbik
Which is the same that is likely needed for 4.15 to skip these tests.
Cascardo.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1928522
Title:
seccomp_bpf from ubuntu_kernel_selftests.seccomp in linux ADT test
failure with linux/4.15.0-144.148
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
New
Status in linux source package in Focal:
New
Status in linux source package in Groovy:
New
Status in linux source package in Hirsute:
Fix Released
Status in linux source package in Impish:
Fix Released
Bug description:
This is a scripted bug report about ADT failures while running linux
tests for linux/4.15.0-144.148 on bionic. Whether this is caused by
the dep8 tests of the tested source or the kernel has yet to be
determined.
Testing failed on:
s390x:
https://autopkgtest.ubuntu.com/results/autopkgtest-bionic/bionic/s390x/l/linux/20210514_022345_e6f3c@/log.gz
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1928522/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
