From: David Daney <ddaney@avtrex.com>
To: Thiemo Seufer <ths@networkno.de>
Cc: "Gleb O. Raiko" <raiko@niisi.msk.ru>, linux-mips@linux-mips.org
Subject: Re: Bug in the syscall tracing code
Date: Thu, 06 Oct 2005 14:13:24 -0700
Message-ID: <43459374.5080802@avtrex.com>
In-Reply-To: <20051006205308.GB31717@hattusa.textio>
Thiemo Seufer wrote:
> Gleb O. Raiko wrote:
>
>>Hello,
>>
>>The story continues. The last fix of the syscall tracing code was wrong,
>>unfortunately. (The bug was that a user could invoke any function in the
>>kernel. The fix was not to use t2 as the pointer to a syscall; s0 was chosen
>>for it.) The problem we discovered is that a few syscalls do SAVE_STATIC
>>(those declared as save_static_function), so s0 (which holds the pointer to
>>the syscall at the time the syscall is invoked) is saved on the stack,
>>overwriting the value saved from the process being traced. No wonder the s0
>>restored on syscall exit differs from the s0 saved on syscall enter.
>>
>>See arch/mips/kernel/scall32-o32.S, syscall_trace_entry, for example.
>>The rest of the ABIs are the same.
>>
>>There are several ways to fix this:
>>
>>1. Make the syscall handling code closer to other arches. I mean, check
>>for the trace flag first, then parse arguments and invoke the syscall.
>>
>>2. Remove save_static_functions and do SAVE_STATIC early for several
>>syscalls (yes, one big switch or its asm equivalent).
>>
>>3. Store t2 in pt_regs (it means we have to expand this structure).
>>
>>4. I know there should be yet another way.
>
>
> - Use the k1 slot instead of s0 to save the function pointer.
>
That is the conclusion I came to in:
http://www.linux-mips.org/cgi-bin/mesg.cgi?a=linux-mips&i=4207C3E0.7070405%40avtrex.com
IIRC, k0 is already used for something.
David Daney.