Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On Thu, Nov 20, 2014 at 02:13:04PM +0900, AKASHI Takahiro wrote: > On 11/20/2014 04:06 AM, Will Deacon wrote: > >What does x86 do? > > On x86, syscall(-1) returns -ENOSYS if not traced, and we can change a return > value if traced. ... which is used for UML (user mode Linux). UML works by spawning processes under the host kernel, which run with syscall tracing enabled, with the UML kernel as the tracer. The UML kernel tracer receives the syscall trace event when the child tries to execute a syscall, decodes the syscall, executes syscall in the UML kernel, and then cancels the syscall in the host kernel, setting the return code appropriately. -- FTTC broadband for 0.8mile line: currently at 9.5Mbps down 400kbps up according to speedtest.net. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On Thu, Nov 20, 2014 at 05:52:34AM +, AKASHI Takahiro wrote: > On 11/20/2014 02:13 PM, AKASHI Takahiro wrote: > > On 11/20/2014 04:06 AM, Will Deacon wrote: > >> Ok, but now userspace sees -ENOSYS for a skipped system call in that case, > >> whereas it would usually see whatever the trace put in x0, right? > > > > Yes. > > If you don't really like this behavior, how about this patch instead of my > > [2/6] patch? > > > > diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S > > index 726b910..1ef57d0 100644 > > --- a/arch/arm64/kernel/entry.S > > +++ b/arch/arm64/kernel/entry.S > > @@ -668,8 +668,15 @@ ENDPROC(el0_svc) > > * switches, and waiting for our parent to respond. > > */ > > __sys_trace: > > + cmp w8, #-1 // default errno for invalid > > I needed to correct the code here: > w8 should be w26, thinking of compat syscalls. > > > + b.ne1f // system call > > + mov x0, #-ENOSYS > > + str x0, [sp, #S_X0] > > +1: > > and this part might better be generalized like the following: > > __sys_trace: > cmp w26, w25// cannot use x26 and x25 here > b.hs1f // scno > sc_nr || scno < 0 > b 2f > 1: > mov x0, #-ENOSYS > str x0, [sp, #S_X0] > 2: > > If you will be comfortable, I will submit a new patch soon. Yes, please send a new series including this change. Will -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On Tue, Nov 25, 2014 at 07:42:10AM +, AKASHI Takahiro wrote: > On 11/21/2014 04:17 AM, Will Deacon wrote: > > On Thu, Nov 20, 2014 at 05:13:04AM +, AKASHI Takahiro wrote: > >> On 11/20/2014 04:06 AM, Will Deacon wrote: > >>> On Wed, Nov 19, 2014 at 08:46:19AM +, AKASHI Takahiro wrote: > Syscall(-1) will return -ENOSYS whether or not a syscallno is explicitly > replaced with -1 by a tracer, and, in this sense, it is *skipped*. > >>> > >>> Ok, but now userspace sees -ENOSYS for a skipped system call in that case, > >>> whereas it would usually see whatever the trace put in x0, right? > >> > >> If you don't really like this behavior, how about this patch instead of my > >> [2/6] patch? > >> > >> diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S > >> index 726b910..1ef57d0 100644 > >> --- a/arch/arm64/kernel/entry.S > >> +++ b/arch/arm64/kernel/entry.S > >> @@ -668,8 +668,15 @@ ENDPROC(el0_svc) > >>* switches, and waiting for our parent to respond. > >>*/ > >>__sys_trace: > >> + cmp w8, #-1 // default errno for > >> invalid > >> + b.ne1f // system call > >> + mov x0, #-ENOSYS > >> + str x0, [sp, #S_X0] > >> +1: > >> mov x0, sp > >> bl syscall_trace_enter > >> + cmp w0, #-1 // skip the syscall? > >> + b.eq__sys_trace_return_skipped > >> adr lr, __sys_trace_return // return address > >> uxtwscno, w0// syscall number > >> (possibly new) > >> mov x1, sp // pointer to regs > >> @@ -684,6 +691,7 @@ __sys_trace: > >> > >>__sys_trace_return: > >> str x0, [sp]// save returned x0 > >> +__sys_trace_return_skipped: > >> mov x0, sp > >> bl syscall_trace_exit > >> b ret_to_user > >> > >> With this change, I believe, syscall(-1) returns -ENOSYS by default > >> whether traced > >> or not, and still you can change a return value when tracing. > >> (But a drawback here is that a tracer will see -ENOSYS in x0 even at > >> syscall entry > >> for syscall(-1).) > > > > But it's exactly these drawbacks that I'm objected to. syscall(-1) shouldn't > > be treated any differently to syscall(42) with respect to restarting, > > exactly like x86. > > Can you elaborate a bit more as to "restarting?" Sorry, I meant skipping. There was another thread about syscall restarting at the same time I wrote that, so my mind was elsewhere! > We can't make any assumption about the number of arguments taken by *invalid* > syscall(-1) > and so changing a value in x0 (or any other registers) doesn't make any > difference. > () Ok, that's a fair point. Will -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On 11/21/2014 04:17 AM, Will Deacon wrote: On Thu, Nov 20, 2014 at 05:13:04AM +, AKASHI Takahiro wrote: On 11/20/2014 04:06 AM, Will Deacon wrote: On Wed, Nov 19, 2014 at 08:46:19AM +, AKASHI Takahiro wrote: Syscall(-1) will return -ENOSYS whether or not a syscallno is explicitly replaced with -1 by a tracer, and, in this sense, it is *skipped*. Ok, but now userspace sees -ENOSYS for a skipped system call in that case, whereas it would usually see whatever the trace put in x0, right? If you don't really like this behavior, how about this patch instead of my [2/6] patch? diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S index 726b910..1ef57d0 100644 --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -668,8 +668,15 @@ ENDPROC(el0_svc) * switches, and waiting for our parent to respond. */ __sys_trace: + cmp w8, #-1 // default errno for invalid + b.ne1f // system call + mov x0, #-ENOSYS + str x0, [sp, #S_X0] +1: mov x0, sp bl syscall_trace_enter + cmp w0, #-1 // skip the syscall? + b.eq__sys_trace_return_skipped adr lr, __sys_trace_return // return address uxtwscno, w0// syscall number (possibly new) mov x1, sp // pointer to regs @@ -684,6 +691,7 @@ __sys_trace: __sys_trace_return: str x0, [sp]// save returned x0 +__sys_trace_return_skipped: mov x0, sp bl syscall_trace_exit b ret_to_user With this change, I believe, syscall(-1) returns -ENOSYS by default whether traced or not, and still you can change a return value when tracing. (But a drawback here is that a tracer will see -ENOSYS in x0 even at syscall entry for syscall(-1).) But it's exactly these drawbacks that I'm objected to. syscall(-1) shouldn't be treated any differently to syscall(42) with respect to restarting, exactly like x86. Can you elaborate a bit more as to "restarting?" We can't make any assumption about the number of arguments taken by *invalid* syscall(-1) and so changing a value in x0 (or any other registers) doesn't make any difference. () -Takahiro AKASHI Will -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On Thu, Nov 20, 2014 at 05:13:04AM +, AKASHI Takahiro wrote: > On 11/20/2014 04:06 AM, Will Deacon wrote: > > On Wed, Nov 19, 2014 at 08:46:19AM +, AKASHI Takahiro wrote: > >> Syscall(-1) will return -ENOSYS whether or not a syscallno is explicitly > >> replaced with -1 by a tracer, and, in this sense, it is *skipped*. > > > > Ok, but now userspace sees -ENOSYS for a skipped system call in that case, > > whereas it would usually see whatever the trace put in x0, right? > > If you don't really like this behavior, how about this patch instead of my > [2/6] patch? > > diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S > index 726b910..1ef57d0 100644 > --- a/arch/arm64/kernel/entry.S > +++ b/arch/arm64/kernel/entry.S > @@ -668,8 +668,15 @@ ENDPROC(el0_svc) > * switches, and waiting for our parent to respond. > */ > __sys_trace: > + cmp w8, #-1 // default errno for invalid > + b.ne1f // system call > + mov x0, #-ENOSYS > + str x0, [sp, #S_X0] > +1: > mov x0, sp > bl syscall_trace_enter > + cmp w0, #-1 // skip the syscall? > + b.eq__sys_trace_return_skipped > adr lr, __sys_trace_return // return address > uxtwscno, w0// syscall number (possibly > new) > mov x1, sp // pointer to regs > @@ -684,6 +691,7 @@ __sys_trace: > > __sys_trace_return: > str x0, [sp]// save returned x0 > +__sys_trace_return_skipped: > mov x0, sp > bl syscall_trace_exit > b ret_to_user > > With this change, I believe, syscall(-1) returns -ENOSYS by default whether > traced > or not, and still you can change a return value when tracing. > (But a drawback here is that a tracer will see -ENOSYS in x0 even at syscall > entry > for syscall(-1).) But it's exactly these drawbacks that I'm objected to. syscall(-1) shouldn't be treated any differently to syscall(42) with respect to restarting, exactly like x86. Will -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On 11/20/2014 02:13 PM, AKASHI Takahiro wrote:
On 11/20/2014 04:06 AM, Will Deacon wrote:
On Wed, Nov 19, 2014 at 08:46:19AM +, AKASHI Takahiro wrote:
On 11/18/2014 11:04 PM, Will Deacon wrote:
On Tue, Nov 18, 2014 at 01:10:34AM +, AKASHI Takahiro wrote:
+if (((int)regs->syscallno == -1) && (orig_syscallno == -1)) {
+/*
+ * user-issued syscall(-1):
+ * RESTRICTION: We always return ENOSYS whatever value is
+ * stored in x0 (a return value) at this point.
+ * Normally, with ptrace off, syscall(-1) returns -ENOSYS.
+ * With ptrace on, however, if a tracer didn't pay any
+ * attention to user-issued syscall(-1) and just let it go
+ * without a hack here, it would return a value in x0 as in
+ * other system call cases. This means that this system call
+ * might succeed and see any bogus return value.
+ * This should be definitely avoided.
+ */
+regs->regs[0] = -ENOSYS;
+}
I'm still really uncomfortable with this, and it doesn't seem to match what
arch/arm/ does either.
Yeah, I know but
as I mentioned before, syscall(-1) will be signaled on arm, and so we don't
have to care about a return value :)
What does x86 do?
On x86, syscall(-1) returns -ENOSYS if not traced, and we can change a return
value if traced.
Doesn't it also prevent a tracer from skipping syscall(-1)?
Syscall(-1) will return -ENOSYS whether or not a syscallno is explicitly
replaced with -1 by a tracer, and, in this sense, it is *skipped*.
Ok, but now userspace sees -ENOSYS for a skipped system call in that case,
whereas it would usually see whatever the trace put in x0, right?
Yes.
If you don't really like this behavior, how about this patch instead of my
[2/6] patch?
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index 726b910..1ef57d0 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -668,8 +668,15 @@ ENDPROC(el0_svc)
* switches, and waiting for our parent to respond.
*/
__sys_trace:
+ cmp w8, #-1 // default errno for invalid
I needed to correct the code here:
w8 should be w26, thinking of compat syscalls.
+ b.ne1f // system call
+ mov x0, #-ENOSYS
+ str x0, [sp, #S_X0]
+1:
and this part might better be generalized like the following:
__sys_trace:
cmp w26, w25// cannot use x26 and x25 here
b.hs1f // scno > sc_nr || scno < 0
b 2f
1:
mov x0, #-ENOSYS
str x0, [sp, #S_X0]
2:
If you will be comfortable, I will submit a new patch soon.
-Takahiro AKASHI
mov x0, sp
bl syscall_trace_enter
+ cmp w0, #-1 // skip the syscall?
+ b.eq__sys_trace_return_skipped
adr lr, __sys_trace_return // return address
uxtwscno, w0// syscall number (possibly
new)
mov x1, sp // pointer to regs
@@ -684,6 +691,7 @@ __sys_trace:
__sys_trace_return:
str x0, [sp]// save returned x0
+__sys_trace_return_skipped:
mov x0, sp
bl syscall_trace_exit
b ret_to_user
With this change, I believe, syscall(-1) returns -ENOSYS by default whether
traced
or not, and still you can change a return value when tracing.
(But a drawback here is that a tracer will see -ENOSYS in x0 even at syscall
entry
for syscall(-1).)
-Takahiro AKASHI
Will
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On 11/20/2014 04:06 AM, Will Deacon wrote:
On Wed, Nov 19, 2014 at 08:46:19AM +, AKASHI Takahiro wrote:
On 11/18/2014 11:04 PM, Will Deacon wrote:
On Tue, Nov 18, 2014 at 01:10:34AM +, AKASHI Takahiro wrote:
+ if (((int)regs->syscallno == -1) && (orig_syscallno == -1)) {
+ /*
+* user-issued syscall(-1):
+* RESTRICTION: We always return ENOSYS whatever value is
+* stored in x0 (a return value) at this point.
+* Normally, with ptrace off, syscall(-1) returns -ENOSYS.
+* With ptrace on, however, if a tracer didn't pay any
+* attention to user-issued syscall(-1) and just let it go
+* without a hack here, it would return a value in x0 as in
+* other system call cases. This means that this system call
+* might succeed and see any bogus return value.
+* This should be definitely avoided.
+*/
+ regs->regs[0] = -ENOSYS;
+ }
I'm still really uncomfortable with this, and it doesn't seem to match what
arch/arm/ does either.
Yeah, I know but
as I mentioned before, syscall(-1) will be signaled on arm, and so we don't
have to care about a return value :)
What does x86 do?
On x86, syscall(-1) returns -ENOSYS if not traced, and we can change a return
value if traced.
Doesn't it also prevent a tracer from skipping syscall(-1)?
Syscall(-1) will return -ENOSYS whether or not a syscallno is explicitly
replaced with -1 by a tracer, and, in this sense, it is *skipped*.
Ok, but now userspace sees -ENOSYS for a skipped system call in that case,
whereas it would usually see whatever the trace put in x0, right?
Yes.
If you don't really like this behavior, how about this patch instead of my
[2/6] patch?
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index 726b910..1ef57d0 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -668,8 +668,15 @@ ENDPROC(el0_svc)
* switches, and waiting for our parent to respond.
*/
__sys_trace:
+ cmp w8, #-1 // default errno for invalid
+ b.ne1f // system call
+ mov x0, #-ENOSYS
+ str x0, [sp, #S_X0]
+1:
mov x0, sp
bl syscall_trace_enter
+ cmp w0, #-1 // skip the syscall?
+ b.eq__sys_trace_return_skipped
adr lr, __sys_trace_return // return address
uxtwscno, w0// syscall number (possibly new)
mov x1, sp // pointer to regs
@@ -684,6 +691,7 @@ __sys_trace:
__sys_trace_return:
str x0, [sp]// save returned x0
+__sys_trace_return_skipped:
mov x0, sp
bl syscall_trace_exit
b ret_to_user
With this change, I believe, syscall(-1) returns -ENOSYS by default whether
traced
or not, and still you can change a return value when tracing.
(But a drawback here is that a tracer will see -ENOSYS in x0 even at syscall
entry
for syscall(-1).)
-Takahiro AKASHI
Will
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On Wed, Nov 19, 2014 at 08:46:19AM +, AKASHI Takahiro wrote:
> On 11/18/2014 11:04 PM, Will Deacon wrote:
> > On Tue, Nov 18, 2014 at 01:10:34AM +, AKASHI Takahiro wrote:
> >>
> >> + if (((int)regs->syscallno == -1) && (orig_syscallno == -1)) {
> >> + /*
> >> + * user-issued syscall(-1):
> >> + * RESTRICTION: We always return ENOSYS whatever value is
> >> + * stored in x0 (a return value) at this point.
> >> + * Normally, with ptrace off, syscall(-1) returns -ENOSYS.
> >> + * With ptrace on, however, if a tracer didn't pay any
> >> + * attention to user-issued syscall(-1) and just let it go
> >> + * without a hack here, it would return a value in x0 as in
> >> + * other system call cases. This means that this system call
> >> + * might succeed and see any bogus return value.
> >> + * This should be definitely avoided.
> >> + */
> >> + regs->regs[0] = -ENOSYS;
> >> + }
> >
> > I'm still really uncomfortable with this, and it doesn't seem to match what
> > arch/arm/ does either.
>
> Yeah, I know but
> as I mentioned before, syscall(-1) will be signaled on arm, and so we don't
> have to care about a return value :)
What does x86 do?
> > Doesn't it also prevent a tracer from skipping syscall(-1)?
>
> Syscall(-1) will return -ENOSYS whether or not a syscallno is explicitly
> replaced with -1 by a tracer, and, in this sense, it is *skipped*.
Ok, but now userspace sees -ENOSYS for a skipped system call in that case,
whereas it would usually see whatever the trace put in x0, right?
Will
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On 11/18/2014 11:04 PM, Will Deacon wrote:
On Tue, Nov 18, 2014 at 01:10:34AM +, AKASHI Takahiro wrote:
+ if (((int)regs->syscallno == -1) && (orig_syscallno == -1)) {
+ /*
+* user-issued syscall(-1):
+* RESTRICTION: We always return ENOSYS whatever value is
+* stored in x0 (a return value) at this point.
+* Normally, with ptrace off, syscall(-1) returns -ENOSYS.
+* With ptrace on, however, if a tracer didn't pay any
+* attention to user-issued syscall(-1) and just let it go
+* without a hack here, it would return a value in x0 as in
+* other system call cases. This means that this system call
+* might succeed and see any bogus return value.
+* This should be definitely avoided.
+*/
+ regs->regs[0] = -ENOSYS;
+ }
I'm still really uncomfortable with this, and it doesn't seem to match what
arch/arm/ does either.
Yeah, I know but
as I mentioned before, syscall(-1) will be signaled on arm, and so we don't
have to care about a return value :)
Doesn't it also prevent a tracer from skipping syscall(-1)?
Syscall(-1) will return -ENOSYS whether or not a syscallno is explicitly
replaced with -1
by a tracer, and, in this sense, it is *skipped*.
-Takahiro AKASHI
Will
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
On Tue, Nov 18, 2014 at 01:10:34AM +, AKASHI Takahiro wrote:
> If tracer specifies -1 as a syscall number, this traced system call should
> be skipped with a return value specified in x0.
> This patch implements this semantics, but there is one restriction here:
>
> syscall(-1) always return ENOSYS whatever value is stored in x0
> (a return value) at syscall entry.
>
> Normally, with ptrace off, syscall(-1) returns -ENOSYS. With ptrace on,
> however, if a tracer didn't pay any attention to user-issued syscall(-1)
> and just let it go, it would return a value in x0 as in other system call
> cases. This means that this system call might succeed and yet see any bogus
> return value. This should be definitely avoided.
>
> Please also note:
> * syscall entry tracing and syscall exit tracing (ftrace tracepoint and
> audit) are always executed, if enabled, even when skipping a system call
> (that is, -1).
> In this way, we can avoid a potential bug where audit_syscall_entry()
> might be called without audit_syscall_exit() at the previous system call
> being called, that would cause OOPs in audit_syscall_entry().
>
> Signed-off-by: AKASHI Takahiro
> ---
> arch/arm64/kernel/entry.S |3 +++
> arch/arm64/kernel/ptrace.c | 18 ++
> 2 files changed, 21 insertions(+)
>
> diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
> index 726b910..01118b1 100644
> --- a/arch/arm64/kernel/entry.S
> +++ b/arch/arm64/kernel/entry.S
> @@ -670,6 +670,8 @@ ENDPROC(el0_svc)
> __sys_trace:
> mov x0, sp
> bl syscall_trace_enter
> + cmp w0, #-1 // skip the syscall?
> + b.eq__sys_trace_return_skipped
> adr lr, __sys_trace_return // return address
> uxtwscno, w0// syscall number (possibly new)
> mov x1, sp // pointer to regs
> @@ -684,6 +686,7 @@ __sys_trace:
>
> __sys_trace_return:
> str x0, [sp]// save returned x0
> +__sys_trace_return_skipped:
> mov x0, sp
> bl syscall_trace_exit
> b ret_to_user
> diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c
> index 8b98781..34b1e85 100644
> --- a/arch/arm64/kernel/ptrace.c
> +++ b/arch/arm64/kernel/ptrace.c
> @@ -1149,6 +1149,8 @@ static void tracehook_report_syscall(struct pt_regs
> *regs,
>
> asmlinkage int syscall_trace_enter(struct pt_regs *regs)
> {
> + int orig_syscallno = regs->syscallno;
> +
> if (test_thread_flag(TIF_SYSCALL_TRACE))
> tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER);
>
> @@ -1158,6 +1160,22 @@ asmlinkage int syscall_trace_enter(struct pt_regs
> *regs)
> audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1],
> regs->regs[2], regs->regs[3]);
>
> + if (((int)regs->syscallno == -1) && (orig_syscallno == -1)) {
> + /*
> + * user-issued syscall(-1):
> + * RESTRICTION: We always return ENOSYS whatever value is
> + * stored in x0 (a return value) at this point.
> + * Normally, with ptrace off, syscall(-1) returns -ENOSYS.
> + * With ptrace on, however, if a tracer didn't pay any
> + * attention to user-issued syscall(-1) and just let it go
> + * without a hack here, it would return a value in x0 as in
> + * other system call cases. This means that this system call
> + * might succeed and see any bogus return value.
> + * This should be definitely avoided.
> + */
> + regs->regs[0] = -ENOSYS;
> + }
I'm still really uncomfortable with this, and it doesn't seem to match what
arch/arm/ does either. Doesn't it also prevent a tracer from skipping
syscall(-1)?
Will
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
If tracer specifies -1 as a syscall number, this traced system call should
be skipped with a return value specified in x0.
This patch implements this semantics, but there is one restriction here:
syscall(-1) always return ENOSYS whatever value is stored in x0
(a return value) at syscall entry.
Normally, with ptrace off, syscall(-1) returns -ENOSYS. With ptrace on,
however, if a tracer didn't pay any attention to user-issued syscall(-1)
and just let it go, it would return a value in x0 as in other system call
cases. This means that this system call might succeed and yet see any bogus
return value. This should be definitely avoided.
Please also note:
* syscall entry tracing and syscall exit tracing (ftrace tracepoint and
audit) are always executed, if enabled, even when skipping a system call
(that is, -1).
In this way, we can avoid a potential bug where audit_syscall_entry()
might be called without audit_syscall_exit() at the previous system call
being called, that would cause OOPs in audit_syscall_entry().
Signed-off-by: AKASHI Takahiro
---
arch/arm64/kernel/entry.S |3 +++
arch/arm64/kernel/ptrace.c | 18 ++
2 files changed, 21 insertions(+)
diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S
index 726b910..01118b1 100644
--- a/arch/arm64/kernel/entry.S
+++ b/arch/arm64/kernel/entry.S
@@ -670,6 +670,8 @@ ENDPROC(el0_svc)
__sys_trace:
mov x0, sp
bl syscall_trace_enter
+ cmp w0, #-1 // skip the syscall?
+ b.eq__sys_trace_return_skipped
adr lr, __sys_trace_return // return address
uxtwscno, w0// syscall number (possibly new)
mov x1, sp // pointer to regs
@@ -684,6 +686,7 @@ __sys_trace:
__sys_trace_return:
str x0, [sp]// save returned x0
+__sys_trace_return_skipped:
mov x0, sp
bl syscall_trace_exit
b ret_to_user
diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c
index 8b98781..34b1e85 100644
--- a/arch/arm64/kernel/ptrace.c
+++ b/arch/arm64/kernel/ptrace.c
@@ -1149,6 +1149,8 @@ static void tracehook_report_syscall(struct pt_regs *regs,
asmlinkage int syscall_trace_enter(struct pt_regs *regs)
{
+ int orig_syscallno = regs->syscallno;
+
if (test_thread_flag(TIF_SYSCALL_TRACE))
tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER);
@@ -1158,6 +1160,22 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs)
audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1],
regs->regs[2], regs->regs[3]);
+ if (((int)regs->syscallno == -1) && (orig_syscallno == -1)) {
+ /*
+* user-issued syscall(-1):
+* RESTRICTION: We always return ENOSYS whatever value is
+* stored in x0 (a return value) at this point.
+* Normally, with ptrace off, syscall(-1) returns -ENOSYS.
+* With ptrace on, however, if a tracer didn't pay any
+* attention to user-issued syscall(-1) and just let it go
+* without a hack here, it would return a value in x0 as in
+* other system call cases. This means that this system call
+* might succeed and see any bogus return value.
+* This should be definitely avoided.
+*/
+ regs->regs[0] = -ENOSYS;
+ }
+
return regs->syscallno;
}
--
1.7.9.5
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
