From: Andi Kleen <andi@firstfloor.org>
To: md@google.com (Michael Davidson)
Cc: mingo@redhat.com, tglx@linutronix.de, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] x86: prevent binaries from making system calls using the wrong syscall interface
Date: Fri, 08 Aug 2008 13:16:32 +0200
Message-ID: <87ljz74uzz.fsf@basil.nowhere.org>
In-Reply-To: <20080807003459.37CC629624@localhost> (Michael Davidson's message of "Wed, 6 Aug 2008 17:34:59 -0700 (PDT)")
md@google.com (Michael Davidson) writes:
> Prevent binaries from making system calls using other than one
> of the "normal" system call interfaces for that binary type.
>
> Currently there is nothing to prevent 64 bit binaries from
> attempting to make system calls using the 32 bit system call
> interfaces and vice versa.
nack. That was allowed intentionally because there are some
use cases for 32bit syscalls from 64bit (e.g. 64bit JIT running
32bit executable). I believe it is used in production in
a few cases.
>
> Since the 32 bit and 64 bit system call numbers are different
> this means that a binary could attempt to obfuscate which system
> calls it was actually making by using the "wrong" system call
> interface. In particular, the call to audit_syscall_entry()
> relies on checking the TIF_IA32 flag to determine whether it is
> dealing with a 32 or 64 bit system call without regard to the
> actual type of system call that was made. While this specific issue
> could be addressed by checking the TS_COMPAT flag in threadinfo_status
> it seems preferable to simply disallow this situation altogether.
audit is wrong to assume this and should be just fixed
-Andi
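
The decoding problem discussed in this message, as an added example that is not part of the thread: a Python script that interprets each audit SYSCALL record with the syscall table selected by that record's own arch= field, and reports processes that used both interfaces. The log lines and paths are constructed, the two tables are short excerpts, and it assumes arch= reflects the interface actually used for each call.

```python
import re
from collections import defaultdict

# Audit arch constants as they appear in the arch= field of SYSCALL records.
AUDIT_ARCH_I386 = 0x40000003
AUDIT_ARCH_X86_64 = 0xC000003E

# Short excerpts of the two syscall tables: the same number names different calls.
SYSCALLS = {
    AUDIT_ARCH_X86_64: {1: "write", 2: "open", 3: "close", 11: "munmap", 59: "execve"},
    AUDIT_ARCH_I386: {1: "exit", 2: "fork", 3: "read", 11: "execve", 59: "oldolduname"},
}

# Constructed sample records (not taken from the thread).
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1218194192.101:10): arch=c000003e syscall=2 pid=4242 exe="/opt/demo/jit"
type=SYSCALL msg=audit(1218194192.102:11): arch=40000003 syscall=11 pid=4242 exe="/opt/demo/jit"
type=SYSCALL msg=audit(1218194192.103:12): arch=c000003e syscall=59 pid=5000 exe="/bin/sh"
type=SYSCALL msg=audit(1218194192.104:13): arch=c000003e syscall=1 pid=5000 exe="/bin/sh"
"""

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def records(log):
    """Yield (pid, exe, arch, syscall_nr) for every SYSCALL record."""
    for line in log.splitlines():
        if line.startswith("type=SYSCALL"):
            f = {k: v.strip('"') for k, v in FIELD.findall(line)}
            yield int(f["pid"]), f["exe"], int(f["arch"], 16), int(f["syscall"])

def name(arch, nr):
    return SYSCALLS.get(arch, {}).get(nr, f"unknown({nr})")

def analyse(log):
    """Decode each call with its own arch; list processes that mix interfaces."""
    decoded, archs = [], defaultdict(set)
    for pid, exe, arch, nr in records(log):
        archs[(pid, exe)].add(arch)
        decoded.append((pid, name(arch, nr)))
    mixed = sorted(key for key, seen in archs.items() if len(seen) > 1)
    return decoded, mixed

def misread_as(log, assumed_arch):
    """What a decoder reports if it assumes one table for every record."""
    return [(pid, name(assumed_arch, nr)) for pid, _, _, nr in records(log)]

if __name__ == "__main__":
    decoded, mixed = analyse(SAMPLE_LOG)
    print(decoded, mixed, misread_as(SAMPLE_LOG, AUDIT_ARCH_X86_64), sep="\n")
```

Decoded per record, the second call from pid 4242 is execve; decoded with the 64-bit table assumed for the whole process, the same record reads as munmap.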