From: "Dmitry V. Levin" <ldv@strace.io>
To: Celeste Liu <uwu@coelacanthus.name>
Cc: "Oleg Nesterov" <oleg@redhat.com>,
"Paul Walmsley" <paul.walmsley@sifive.com>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
"Eric Biederman" <ebiederm@xmission.com>,
"Kees Cook" <kees@kernel.org>, "Shuah Khan" <shuah@kernel.org>,
"Albert Ou" <aou@eecs.berkeley.edu>,
"Alexandre Ghiti" <alex@ghiti.fr>,
"Andrea Bolognani" <abologna@redhat.com>,
"Björn Töpel" <bjorn@kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Ron Economos" <re@w6rz.net>,
"Charlie Jenkins" <charlie@rivosinc.com>,
"Andrew Jones" <ajones@ventanamicro.com>,
"Quan Zhou" <zhouquan@iscas.ac.cn>,
"Felix Yan" <felixonmars@archlinux.org>,
"Ruizhe Pan" <c141028@gmail.com>, "Guo Ren" <guoren@kernel.org>,
"Yao Zi" <ziyao@disroot.org>,
"Eugene Syromyatnikov" <evgsyr@gmail.com>,
linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, linux-kselftest@vger.kernel.org,
"Björn Töpel" <bjorn@rivosinc.com>
Subject: Re: [PATCH v4 2/2] riscv: selftests: Add a ptrace test to verify syscall parameter modification
Date: Thu, 26 Dec 2024 15:35:00 +0200 [thread overview]
Message-ID: <20241226133459.GA30481@strace.io> (raw)
In-Reply-To: <20241226-riscv-new-regset-v4-2-4496a29d0436@coelacanthus.name>
On Thu, Dec 26, 2024 at 06:52:52PM +0800, Celeste Liu wrote:
> This test checks that orig_a0 allows a syscall argument to be modified,
> and that changing a0 does not change the syscall argument.
>
> Co-developed-by: Quan Zhou <zhouquan@iscas.ac.cn>
> Signed-off-by: Quan Zhou <zhouquan@iscas.ac.cn>
> Co-developed-by: Charlie Jenkins <charlie@rivosinc.com>
> Signed-off-by: Charlie Jenkins <charlie@rivosinc.com>
> Reviewed-by: Björn Töpel <bjorn@rivosinc.com>
> Signed-off-by: Celeste Liu <uwu@coelacanthus.name>
[...]
> diff --git a/tools/testing/selftests/riscv/abi/ptrace.c b/tools/testing/selftests/riscv/abi/ptrace.c
> new file mode 100644
> index 0000000000000000000000000000000000000000..023695352215bb5de3f91c1a6f5ea3b4f9373ff9
> --- /dev/null
> +++ b/tools/testing/selftests/riscv/abi/ptrace.c
[...]
> + if (ptrace(PTRACE_GET_SYSCALL_INFO, pid, PTRACE_SYSCALL_INFO_ENTRY, &syscall_info_entry))
> + perr_and_exit("failed to get syscall info of entry\n");
> + result->orig_a0 = syscall_info_entry->entry.args[0];
> + if (ptrace(PTRACE_GET_SYSCALL_INFO, pid, PTRACE_SYSCALL_INFO_EXIT, &syscall_info_exit))
> + perr_and_exit("failed to get syscall info of exit\n");
> + result->a0 = syscall_info_exit->exit.rval;
I'm sorry but this is not how PTRACE_GET_SYSCALL_INFO should be used.
PTRACE_GET_SYSCALL_INFO operation takes a pointer and a size,
and in this example instead of size you pass constants 1 and 2, which
essentially means that both syscall_info_entry->entry.args[0] and
syscall_info_exit->exit.rval are not going to be assigned
and would just contain some garbage from the stack.
Also, PTRACE_GET_SYSCALL_INFO operation returns the number of bytes
available to be written by the kernel, which is always nonzero on any
PTRACE_GET_SYSCALL_INFO-capable kernel. In other words, this example
will always end up with perr_and_exit() call.
I wonder how this test was tested before the submission.
--
ldv
WARNING: multiple messages have this Message-ID (diff)
From: "Dmitry V. Levin" <ldv@strace.io>
To: Celeste Liu <uwu@coelacanthus.name>
Cc: "Oleg Nesterov" <oleg@redhat.com>,
"Paul Walmsley" <paul.walmsley@sifive.com>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
"Eric Biederman" <ebiederm@xmission.com>,
"Kees Cook" <kees@kernel.org>, "Shuah Khan" <shuah@kernel.org>,
"Albert Ou" <aou@eecs.berkeley.edu>,
"Alexandre Ghiti" <alex@ghiti.fr>,
"Andrea Bolognani" <abologna@redhat.com>,
"Björn Töpel" <bjorn@kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Ron Economos" <re@w6rz.net>,
"Charlie Jenkins" <charlie@rivosinc.com>,
"Andrew Jones" <ajones@ventanamicro.com>,
"Quan Zhou" <zhouquan@iscas.ac.cn>,
"Felix Yan" <felixonmars@archlinux.org>,
"Ruizhe Pan" <c141028@gmail.com>, "Guo Ren" <guoren@kernel.org>,
"Yao Zi" <ziyao@disroot.org>,
"Eugene Syromyatnikov" <evgsyr@gmail.com>,
linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, linux-kselftest@vger.kernel.org,
"Björn Töpel" <bjorn@rivosinc.com>
Subject: Re: [PATCH v4 2/2] riscv: selftests: Add a ptrace test to verify syscall parameter modification
Date: Thu, 26 Dec 2024 15:35:00 +0200 [thread overview]
Message-ID: <20241226133459.GA30481@strace.io> (raw)
In-Reply-To: <20241226-riscv-new-regset-v4-2-4496a29d0436@coelacanthus.name>
On Thu, Dec 26, 2024 at 06:52:52PM +0800, Celeste Liu wrote:
> This test checks that orig_a0 allows a syscall argument to be modified,
> and that changing a0 does not change the syscall argument.
>
> Co-developed-by: Quan Zhou <zhouquan@iscas.ac.cn>
> Signed-off-by: Quan Zhou <zhouquan@iscas.ac.cn>
> Co-developed-by: Charlie Jenkins <charlie@rivosinc.com>
> Signed-off-by: Charlie Jenkins <charlie@rivosinc.com>
> Reviewed-by: Björn Töpel <bjorn@rivosinc.com>
> Signed-off-by: Celeste Liu <uwu@coelacanthus.name>
[...]
> diff --git a/tools/testing/selftests/riscv/abi/ptrace.c b/tools/testing/selftests/riscv/abi/ptrace.c
> new file mode 100644
> index 0000000000000000000000000000000000000000..023695352215bb5de3f91c1a6f5ea3b4f9373ff9
> --- /dev/null
> +++ b/tools/testing/selftests/riscv/abi/ptrace.c
[...]
> + if (ptrace(PTRACE_GET_SYSCALL_INFO, pid, PTRACE_SYSCALL_INFO_ENTRY, &syscall_info_entry))
> + perr_and_exit("failed to get syscall info of entry\n");
> + result->orig_a0 = syscall_info_entry->entry.args[0];
> + if (ptrace(PTRACE_GET_SYSCALL_INFO, pid, PTRACE_SYSCALL_INFO_EXIT, &syscall_info_exit))
> + perr_and_exit("failed to get syscall info of exit\n");
> + result->a0 = syscall_info_exit->exit.rval;
I'm sorry but this is not how PTRACE_GET_SYSCALL_INFO should be used.
PTRACE_GET_SYSCALL_INFO operation takes a pointer and a size,
and in this example instead of size you pass constants 1 and 2, which
essentially means that both syscall_info_entry->entry.args[0] and
syscall_info_exit->exit.rval are not going to be assigned
and would just contain some garbage from the stack.
Also, PTRACE_GET_SYSCALL_INFO operation returns the number of bytes
available to be written by the kernel, which is always nonzero on any
PTRACE_GET_SYSCALL_INFO-capable kernel. In other words, this example
will always end up with perr_and_exit() call.
I wonder how this test was tested before the submission.
--
ldv
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2024-12-26 13:35 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-26 10:52 [PATCH v4 0/2] riscv/ptrace: add new regset to access original a0 register Celeste Liu
2024-12-26 10:52 ` Celeste Liu
2024-12-26 10:52 ` [PATCH v4 1/2] " Celeste Liu
2024-12-26 10:52 ` Celeste Liu
2024-12-26 10:52 ` [PATCH v4 2/2] riscv: selftests: Add a ptrace test to verify syscall parameter modification Celeste Liu
2024-12-26 10:52 ` Celeste Liu
2024-12-26 13:35 ` Dmitry V. Levin [this message]
2024-12-26 13:35 ` Dmitry V. Levin
2024-12-26 15:21 ` Celeste Liu
2024-12-26 15:21 ` Celeste Liu
2025-01-10 3:34 ` Charlie Jenkins
2025-01-10 3:34 ` Charlie Jenkins
2025-01-12 10:41 ` Celeste Liu
2025-01-12 10:41 ` Celeste Liu
2025-01-14 20:31 ` Celeste Liu
2025-01-14 20:31 ` Celeste Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241226133459.GA30481@strace.io \
--to=ldv@strace.io \
--cc=abologna@redhat.com \
--cc=ajones@ventanamicro.com \
--cc=alex@ghiti.fr \
--cc=aou@eecs.berkeley.edu \
--cc=bjorn@kernel.org \
--cc=bjorn@rivosinc.com \
--cc=c141028@gmail.com \
--cc=charlie@rivosinc.com \
--cc=ebiederm@xmission.com \
--cc=evgsyr@gmail.com \
--cc=felixonmars@archlinux.org \
--cc=guoren@kernel.org \
--cc=kees@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-riscv@lists.infradead.org \
--cc=oleg@redhat.com \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
--cc=re@w6rz.net \
--cc=shuah@kernel.org \
--cc=tglx@linutronix.de \
--cc=uwu@coelacanthus.name \
--cc=zhouquan@iscas.ac.cn \
--cc=ziyao@disroot.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.