From: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
To: "Maciej W. Rozycki" <macro@orcam.me.uk>
Cc: Oleg Nesterov <oleg@redhat.com>,
"Dmitry V. Levin" <ldv@strace.io>,
Jiaxun Yang <jiaxun.yang@flygoat.com>,
linux-mips@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] MIPS: Export syscall stack arguments properly for remote use
Date: Thu, 13 Feb 2025 12:44:17 +0100 [thread overview]
Message-ID: <Z63bEfoSJnLumOCa@alpha.franken.de> (raw)
In-Reply-To: <alpine.DEB.2.21.2502101732120.65342@angie.orcam.me.uk>
On Tue, Feb 11, 2025 at 06:22:30PM +0000, Maciej W. Rozycki wrote:
> We have several places across the kernel where we want to access another
> task's syscall arguments, such as ptrace(2), seccomp(2), etc., by making
> a call to syscall_get_arguments().
>
> This works for register arguments right away by accessing the task's
> `regs' member of `struct pt_regs', however for stack arguments seen with
> 32-bit/o32 kernels things are more complicated. Technically they ought
> to be obtained from the user stack with calls to an access_remote_vm(),
> but we have an easier way available already.
>
> So as to be able to access syscall stack arguments as regular function
> arguments following the MIPS calling convention we copy them over from
> the user stack to the kernel stack in arch/mips/kernel/scall32-o32.S, in
> handle_sys(), to the current stack frame's outgoing argument space at
> the top of the stack, which is where the handler called expects to see
> its incoming arguments. This area is also pointed at by the `pt_regs'
> pointer obtained by task_pt_regs().
>
> Make the o32 stack argument space a proper member of `struct pt_regs'
> then, by renaming the existing member from `pad0' to `args' and using
> generated offsets to access the space. No functional change though.
>
> With the change in place the o32 kernel stack frame layout at the entry
> to a syscall handler invoked by handle_sys() is therefore as follows:
>
> $sp + 68 -> | ... | <- pt_regs.regs[9]
> +---------------------+
> $sp + 64 -> | $t0 | <- pt_regs.regs[8]
> +---------------------+
> $sp + 60 -> | $a3/argument #4 | <- pt_regs.regs[7]
> +---------------------+
> $sp + 56 -> | $a2/argument #3 | <- pt_regs.regs[6]
> +---------------------+
> $sp + 52 -> | $a1/argument #2 | <- pt_regs.regs[5]
> +---------------------+
> $sp + 48 -> | $a0/argument #1 | <- pt_regs.regs[4]
> +---------------------+
> $sp + 44 -> | $v1 | <- pt_regs.regs[3]
> +---------------------+
> $sp + 40 -> | $v0 | <- pt_regs.regs[2]
> +---------------------+
> $sp + 36 -> | $at | <- pt_regs.regs[1]
> +---------------------+
> $sp + 32 -> | $zero | <- pt_regs.regs[0]
> +---------------------+
> $sp + 28 -> | stack argument #8 | <- pt_regs.args[7]
> +---------------------+
> $sp + 24 -> | stack argument #7 | <- pt_regs.args[6]
> +---------------------+
> $sp + 20 -> | stack argument #6 | <- pt_regs.args[5]
> +---------------------+
> $sp + 16 -> | stack argument #5 | <- pt_regs.args[4]
> +---------------------+
> $sp + 12 -> | psABI space for $a3 | <- pt_regs.args[3]
> +---------------------+
> $sp + 8 -> | psABI space for $a2 | <- pt_regs.args[2]
> +---------------------+
> $sp + 4 -> | psABI space for $a1 | <- pt_regs.args[1]
> +---------------------+
> $sp + 0 -> | psABI space for $a0 | <- pt_regs.args[0]
> +---------------------+
>
> holding user data received and with the first 4 frame slots reserved by
> the psABI for the compiler to spill the incoming arguments from $a0-$a3
> registers (which it sometimes does according to its needs) and the next
> 4 frame slots designated by the psABI for any stack function arguments
> that follow. This data is also available for other tasks to peek/poke
> at as reqired and where permitted.
>
> Signed-off-by: Maciej W. Rozycki <macro@orcam.me.uk>
> ---
> arch/mips/include/asm/ptrace.h | 4 ++--
> arch/mips/kernel/asm-offsets.c | 6 ++++++
> arch/mips/kernel/scall32-o32.S | 8 ++++----
> 3 files changed, 12 insertions(+), 6 deletions(-)
applied to mips-fixes
Thomas.
--
Crap can work. Given enough thrust pigs will fly, but it's not necessarily a
good idea. [ RFC1925, 2.3 ]
prev parent reply other threads:[~2025-02-13 12:16 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-11 18:22 [PATCH] MIPS: Export syscall stack arguments properly for remote use Maciej W. Rozycki
2025-02-11 23:02 ` [PATCH] MIPS: fix mips_get_syscall_arg() for o32 Dmitry V. Levin
2025-02-13 11:44 ` Thomas Bogendoerfer
2025-02-13 11:44 ` Thomas Bogendoerfer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z63bEfoSJnLumOCa@alpha.franken.de \
--to=tsbogend@alpha.franken.de \
--cc=jiaxun.yang@flygoat.com \
--cc=ldv@strace.io \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=macro@orcam.me.uk \
--cc=oleg@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.