From: Denys Vlasenko <dvlasenk@redhat.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Kees Cook <keescook@chromium.org>,
David Drysdale <drysdale@google.com>,
Andy Lutomirski <luto@amacapital.net>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Will Drewry <wad@chromium.org>, Ingo Molnar <mingo@kernel.org>,
Alok Kataria <akataria@vmware.com>,
Borislav Petkov <bp@alien8.de>,
Alexei Starovoitov <ast@plumgrid.com>,
Frederic Weisbecker <fweisbec@gmail.com>,
"H. Peter Anvin" <hpa@zytor.com>, Oleg Nesterov <oleg@redhat.com>,
Steven Rostedt <rostedt@goodmis.org>, X86 ML <x86@kernel.org>
Subject: Re: [Regression v4.2 ?] 32-bit seccomp-BPF returned errno values wrong in VM?
Date: Fri, 14 Aug 2015 13:20:20 +0200 [thread overview]
Message-ID: <55CDCEF4.1090906@redhat.com> (raw)
In-Reply-To: <CA+55aFyhOgoZRGemkda5igTdqyOSrb-hP1nAmCcfMbtFUmq5HQ@mail.gmail.com>
On 08/14/2015 12:27 AM, Linus Torvalds wrote:
> On Thu, Aug 13, 2015 at 2:35 PM, Denys Vlasenko <dvlasenk@redhat.com> wrote:
>>
>> I suspect this change:
>>
>> .macro auditsys_entry_common
>> ...
>> movl %ebx,%esi /* 2nd arg: 1st syscall arg */
>> movl %eax,%edi /* 1st arg: syscall number */
>> call __audit_syscall_entry
>> - movl RAX(%rsp),%eax /* reload syscall number */
>> - cmpq $(IA32_NR_syscalls-1),%rax
>> - ja ia32_badsys
>> + movl ORIG_RAX(%rsp),%eax /* reload syscall number */
>>
>> We were reloading syscall# from pt_regs->ax.
>>
>> After the patch, pt_regs->ax isn't equal to syscall# on entry,
>> instead it contains -ENOSYS. Therefore the change shown above
>> was made, to reload it from pt_regs->orig_ax.
>>
>> Well. This still should work... in fact it is "more correct"
>> than it was before...
>
> Well, since it doesn't work, that's clearly not the case.
>
> Also, you do realize that ORIG_RAX can get changed by signal handling
> and ptrace?
I am very aware of that, yes. If it changes, we should use *it*.
That's why new code in this part is "more correct" than old one.
> In fact, I think that whole "save -ENOSYS to pt_regs->ax" is BS.
> Exactly because we use pt_regs->ax for ptrace etc, and you've changed
> the register state we expose.
ptrace always sees pt_regs->ax = -ENOSYS on syscall entry.
That's part of the ABI. Syscall# is in pt_regs->orig_ax.
We used to do that _only_ on ptrace code path, the fast path
didn't store -ENOSYS in pt_regs->ax. This optimization ended up being
more pain than gain, and it was changed for 64-bit code by this commit:
commit 54eea9957f5763dd1a2555d7e4cb53b4dd389cc6
Author: Andy Lutomirski <luto@amacapital.net>
Date: Fri Sep 5 15:13:55 2014 -0700
x86_64, entry: Treat regs->ax the same in fastpath and slowpath syscalls
I changed 32-bit compat code to do the same thing.
> I'm also going to be a *lot* less inclined to take all these idiotic
> low-level x86 changes from now on. It's been a total pain, for very
> little gain. These "cleanups" have been buggy as hell, and test
> coverage for the compat case is clearly lacking.
The code in question was an unholy mess, with about a half dozen
"clever optimizations" tangled together. Now it is much, much
less ugly.
It was nearly inevitable that something would break during untangling.
I understand the frustration of having things breaking
"because of the stupid cleanup".
next prev parent reply other threads:[~2015-08-14 11:20 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-13 8:30 [Regression v4.2 ?] 32-bit seccomp-BPF returned errno values wrong in VM? David Drysdale
2015-08-13 15:17 ` Denys Vlasenko
2015-08-13 16:28 ` David Drysdale
2015-08-13 17:15 ` Andy Lutomirski
2015-08-13 17:39 ` David Drysdale
2015-08-13 18:47 ` Kees Cook
2015-08-13 21:35 ` Denys Vlasenko
2015-08-13 21:47 ` Andy Lutomirski
2015-08-13 22:49 ` Linus Torvalds
2015-08-13 22:54 ` Linus Torvalds
2015-08-13 22:56 ` Kees Cook
2015-08-13 22:59 ` Andy Lutomirski
2015-08-13 23:14 ` Kees Cook
2015-08-13 23:30 ` Linus Torvalds
2015-08-14 11:58 ` Denys Vlasenko
2015-08-14 14:27 ` Andy Lutomirski
2015-08-14 7:33 ` David Drysdale
2015-08-13 22:58 ` Andy Lutomirski
2015-08-13 23:25 ` Linus Torvalds
2015-08-13 22:27 ` Linus Torvalds
2015-08-14 11:20 ` Denys Vlasenko [this message]
2015-08-22 10:03 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55CDCEF4.1090906@redhat.com \
--to=dvlasenk@redhat.com \
--cc=akataria@vmware.com \
--cc=ast@plumgrid.com \
--cc=bp@alien8.de \
--cc=drysdale@google.com \
--cc=fweisbec@gmail.com \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mingo@kernel.org \
--cc=oleg@redhat.com \
--cc=rostedt@goodmis.org \
--cc=torvalds@linux-foundation.org \
--cc=wad@chromium.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.