From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1QvuSH-0007Yi-6w for user-mode-linux-devel@lists.sourceforge.net; Tue, 23 Aug 2011 17:08:01 +0000 Received: from zeniv.linux.org.uk ([195.92.253.2]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1QvuSF-0003Pb-Sw for user-mode-linux-devel@lists.sourceforge.net; Tue, 23 Aug 2011 17:08:01 +0000 Date: Tue, 23 Aug 2011 18:07:40 +0100 From: Al Viro Message-ID: <20110823170740.GH2203@ZenIV.linux.org.uk> References: <20110823010146.GY2203@ZenIV.linux.org.uk> <20110823011312.GZ2203@ZenIV.linux.org.uk> <20110823021717.GA2203@ZenIV.linux.org.uk> <20110823061531.GC2203@ZenIV.linux.org.uk> <20110823162251.GC13138@aftab> <20110823165320.GG2203@ZenIV.linux.org.uk> <4E53DC2A.3020004@nod.at> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <4E53DC2A.3020004@nod.at> List-Id: The user-mode Linux development list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: user-mode-linux-devel-bounces@lists.sourceforge.net Subject: Re: [uml-devel] SYSCALL, ptrace and syscall restart breakages (Re: [RFC] weird crap with vdso on uml/i386) To: Richard Weinberger Cc: Andrew Lutomirski , "user-mode-linux-devel@lists.sourceforge.net" , "linux-kernel@vger.kernel.org" , Borislav Petkov , "mingo@redhat.com" , "H. Peter Anvin" , Linus Torvalds , Ingo Molnar On Tue, Aug 23, 2011 at 06:58:18PM +0200, Richard Weinberger wrote: > What about this hack/solution? > While booting UML can check whether the host's vDSO contains > a SYSCALL instruction. > If so, UML will not make the host's vDSO available to it's > processes... Note that this is *only* for 32bit side of things. 64bit one works fine... I wouldn't search for SYSCALL in vdso, BTW - not when we have a good way to trigger that crap and recognize it. At boot time, fork a child. Have it traced with PTRACE_SYSCALL. Let it put recognizable values in registers and call __kernel_vsyscall(). Then let the parent do one more PTRACE_SYSCALL, then PTRACE_POKEUSER and set ebp to 0x69696969. PTRACE_CONT the sucker and let it report what it sees in ecx. If it's what we'd put there - fine, it looks safe. If it's 0x69696969 - we have a problem, no vdso for us. ------------------------------------------------------------------------------ Get a FREE DOWNLOAD! and learn more about uberSVN rich system, user administration capabilities and model configuration. Take the hassle out of deploying and managing Subversion and the tools developers use with it. http://p.sf.net/sfu/wandisco-d2d-2 _______________________________________________ User-mode-linux-devel mailing list User-mode-linux-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755481Ab1HWRIG (ORCPT ); Tue, 23 Aug 2011 13:08:06 -0400 Received: from zeniv.linux.org.uk ([195.92.253.2]:38673 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751959Ab1HWRH7 (ORCPT ); Tue, 23 Aug 2011 13:07:59 -0400 Date: Tue, 23 Aug 2011 18:07:40 +0100 From: Al Viro To: Richard Weinberger Cc: Linus Torvalds , Borislav Petkov , Andrew Lutomirski , "H. Peter Anvin" , Ingo Molnar , "user-mode-linux-devel@lists.sourceforge.net" , "linux-kernel@vger.kernel.org" , "mingo@redhat.com" Subject: Re: [uml-devel] SYSCALL, ptrace and syscall restart breakages (Re: [RFC] weird crap with vdso on uml/i386) Message-ID: <20110823170740.GH2203@ZenIV.linux.org.uk> References: <20110823010146.GY2203@ZenIV.linux.org.uk> <20110823011312.GZ2203@ZenIV.linux.org.uk> <20110823021717.GA2203@ZenIV.linux.org.uk> <20110823061531.GC2203@ZenIV.linux.org.uk> <20110823162251.GC13138@aftab> <20110823165320.GG2203@ZenIV.linux.org.uk> <4E53DC2A.3020004@nod.at> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4E53DC2A.3020004@nod.at> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Aug 23, 2011 at 06:58:18PM +0200, Richard Weinberger wrote: > What about this hack/solution? > While booting UML can check whether the host's vDSO contains > a SYSCALL instruction. > If so, UML will not make the host's vDSO available to it's > processes... Note that this is *only* for 32bit side of things. 64bit one works fine... I wouldn't search for SYSCALL in vdso, BTW - not when we have a good way to trigger that crap and recognize it. At boot time, fork a child. Have it traced with PTRACE_SYSCALL. Let it put recognizable values in registers and call __kernel_vsyscall(). Then let the parent do one more PTRACE_SYSCALL, then PTRACE_POKEUSER and set ebp to 0x69696969. PTRACE_CONT the sucker and let it report what it sees in ecx. If it's what we'd put there - fine, it looks safe. If it's 0x69696969 - we have a problem, no vdso for us.