From: David Laight <David.Laight@ACULAB.COM>
To: 'Dominik Brodowski' <linux@dominikbrodowski.net>,
Matthew Wilcox <willy@infradead.org>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"viro@ZenIV.linux.org.uk" <viro@ZenIV.linux.org.uk>,
"torvalds@linux-foundation.org" <torvalds@linux-foundation.org>,
"arnd@arndb.de" <arnd@arndb.de>,
"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>,
"hmclauchlan@fb.com" <hmclauchlan@fb.com>,
"tautschn@amazon.co.uk" <tautschn@amazon.co.uk>,
Amir Goldstein <amir73il@gmail.com>,
Andi Kleen <ak@linux.intel.com>,
Andrew Morton <akpm@linux-foundation.org>,
Christoph Hellwig <hch@infradead.org>,
Darren Hart <dvhart@infradead.org>,
"David S . Miller" <davem@davemloft.net>,
"Eric W . Biederman" <ebiederm@xmission.com>,
"H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@kernel.org>,
Jaswinder Singh <jaswinder@infradead.org>,
Jeff Dike <jdike@addtoit.com>, Jiri Slaby <jslaby@suse.com>,
"kexec@lists.infradead.org" <kexec@lists.infradead.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"linux-s390@vger.kernel.org" <linux-s390@vger.kernel.org>,
"Luis R . Rodriguez" <mcgrof@kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
"user-mode-linux-devel@lists.sourceforge.net"
<user-mode-linux-devel@lists.sourceforge.net>,
"x86@kernel.org" <x86@kernel.org>
Subject: RE: [PATCH 000/109] remove in-kernel calls to syscalls
Date: Thu, 29 Mar 2018 14:46:44 +0000 [thread overview]
Message-ID: <07438b1e94ff42a184adb7134a680069@AcuMS.aculab.com> (raw)
In-Reply-To: <20180329144209.GA25559@isilmar-4.linta.de>
From: Dominik Brodowski
> Sent: 29 March 2018 15:42
> On Thu, Mar 29, 2018 at 07:20:27AM -0700, Matthew Wilcox wrote:
> > On Thu, Mar 29, 2018 at 01:22:37PM +0200, Dominik Brodowski wrote:
> > > At least on 64-bit x86, it will likely be a hard requirement from v4.17
> > > onwards to not call system call functions in the kernel: It is better to
> > > use use a different calling convention for system calls there, where
> > > struct pt_regs is decoded on-the-fly in a syscall wrapper which then hands
> > > processing over to the actual syscall function. This means that only those
> > > parameters which are actually needed for a specific syscall are passed on
> > > during syscall entry, instead of filling in six CPU registers with random
> > > user space content all the time (which may cause serious trouble down the
> > > call chain).[*]
> >
> > How do we stop new ones from springing up? Some kind of linker trick
> > like was used to, er, "dissuade" people from using gets()?
>
> Once the patches which modify the syscall calling convention are merged,
> it won't compile on 64-bit x86, but bark loudly. That should frighten anyone.
> Meow.
Should be pretty easy to ensure the prototypes aren't in any normal header.
Renaming the global symbols (to not match the function name) will make it
much harder to call them as well.
David
next prev parent reply other threads:[~2018-03-29 14:46 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-29 11:22 [PATCH 000/109] remove in-kernel calls to syscalls Dominik Brodowski
2018-03-29 11:23 ` [PATCH 044/109] mm: add kernel_migrate_pages() helper, move compat syscall to mm/mempolicy.c Dominik Brodowski
2018-03-29 11:23 ` [PATCH 045/109] mm: add kernel_move_pages() helper, move compat syscall to mm/migrate.c Dominik Brodowski
2018-03-29 11:23 ` [PATCH 046/109] mm: add kernel_mbind() helper; remove in-kernel call to syscall Dominik Brodowski
2018-03-29 11:23 ` [PATCH 047/109] mm: add kernel_[sg]et_mempolicy() helpers; remove in-kernel calls to syscalls Dominik Brodowski
2018-03-29 11:24 ` [PATCH 096/109] mm: add ksys_fadvise64_64() helper; remove in-kernel call to sys_fadvise64_64() Dominik Brodowski
2018-03-29 11:24 ` [PATCH 097/109] mm: add ksys_mmap_pgoff() helper; remove in-kernel calls to sys_mmap_pgoff() Dominik Brodowski
2018-03-29 11:24 ` [PATCH 098/109] mm: add ksys_readahead() helper; remove in-kernel calls to sys_readahead() Dominik Brodowski
2018-03-29 14:20 ` [PATCH 000/109] remove in-kernel calls to syscalls Matthew Wilcox
2018-03-29 14:42 ` Dominik Brodowski
2018-03-29 14:46 ` David Laight [this message]
2018-03-29 14:55 ` Dominik Brodowski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=07438b1e94ff42a184adb7134a680069@AcuMS.aculab.com \
--to=david.laight@aculab.com \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=amir73il@gmail.com \
--cc=arnd@arndb.de \
--cc=davem@davemloft.net \
--cc=dvhart@infradead.org \
--cc=ebiederm@xmission.com \
--cc=hch@infradead.org \
--cc=hmclauchlan@fb.com \
--cc=hpa@zytor.com \
--cc=jaswinder@infradead.org \
--cc=jdike@addtoit.com \
--cc=jslaby@suse.com \
--cc=kexec@lists.infradead.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=mcgrof@kernel.org \
--cc=mingo@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=tautschn@amazon.co.uk \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=user-mode-linux-devel@lists.sourceforge.net \
--cc=viro@ZenIV.linux.org.uk \
--cc=willy@infradead.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).