From: Oleg Nesterov <oleg@redhat.com>
To: Andy Lutomirski <luto@amacapital.net>
Cc: Pedro Alves <pedro@palves.net>, Kees Cook <keescook@chromium.org>,
	Borislav Petkov <bp@alien8.de>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	X86 ML <x86@kernel.org>,
	Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH] x86/ptrace: Remove questionable TS_COMPAT usage in ptrace
Date: Mon, 20 Jun 2016 17:24:25 +0200
Message-ID: <20160620152424.GA28057@redhat.com>
In-Reply-To: <CALCETrUBSGtvbnokoFWMW_CNmz-9R+ry85hd3NGkH8vMQtUdjw@mail.gmail.com>

On 06/19, Andy Lutomirski wrote:
>
> On Sat, Jun 18, 2016 at 10:02 AM, Andy Lutomirski <luto@amacapital.net> wrote:
> Step 1: for 4.7 and for -stable, introduce TS_I386_REGS_POKED.  Set it
> in putreg32.  Use it in syscall_get_error, get_nr_restart_syscall,
> etc.  Clear it in do_signal.

do_signal() won't necessarily be called...

> I wonder if we could actually get away with doing syscall restart
> processing before ptrace invocation.

How? This doesn't look possible, or I misunderstood.

How about the simple change below for now? IIRC a 32-bit task can't use
"syscall", so if syscall_get_nr() >= 0 then even the wrong TS_COMPAT is
not that bad, even if it "leaks" to user mode.

Nobody should use, say, in_ia32_syscall() unless we know that "in syscall"
is actually true. Hmm, arch/x86/kernel/uprobes.c does, and this is wrong
regardless; I'll send the fix.

Oleg.

--- x/arch/x86/kernel/ptrace.c
+++ x/arch/x86/kernel/ptrace.c
@@ -930,7 +930,7 @@ static int putreg32(struct task_struct *
 		 * exit from a 32-bit syscall with TS_COMPAT still set.
 		 */
 		regs->orig_ax = value;
-		if (syscall_get_nr(child, regs) >= 0)
+		if (syscall_get_nr(child, regs) >= 0 && !user_64bit_mode(regs))
 			task_thread_info(child)->status |= TS_COMPAT;
 		break;
 
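Review bot: the comment just above the changed line still only describes the "exit from a 32-bit syscall with TS_COMPAT still set" case, so the new `!user_64bit_mode(regs)` guard should be explained there as well: state that when the saved registers are in 64-bit mode TS_COMPAT is deliberately not set even though orig_ax was poked through the 32-bit path, otherwise the rationale lives only in this thread. The commit message should also say what the cover text says, namely that a stale TS_COMPAT can still reach user mode when syscall_get_nr() >= 0, so this hunk narrows the window rather than closing it, and that the flag is still cleared only on the existing exit path (do_signal() is not guaranteed to run, as noted above), so a follow-up is expected.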