[PATCH] prctl: Add PR_GET_AUXV to copy auxv to userspace

[PATCH] prctl: Add PR_GET_AUXV to copy auxv to userspace

[Josh Triplett]

If a library wants to get information from auxv (for instance,
AT_HWCAP/AT_HWCAP2), it has a few options, none of them perfectly
reliable or ideal:

- Be main or the pre-main startup code, and grub through the stack above
  main. Doesn't work for a library.
- Call libc getauxval. Not ideal for libraries that are trying to be
  libc-independent and/or don't otherwise require anything from other
  libraries.
- Open and read /proc/self/auxv. Doesn't work for libraries that may run
  in arbitrarily constrained environments that may not have /proc
  mounted (e.g. libraries that might be used by an init program or a
  container setup tool).
- Assume you're on the main thread and still on the original stack, and
  try to walk the stack upwards, hoping to find auxv. Extremely bad
  idea.
- Ask the caller to pass auxv in for you. Not ideal for a user-friendly
  library, and then your caller may have the same problem.

Add a prctl that copies current->mm->saved_auxv to a userspace buffer.

Signed-off-by: Josh Triplett <josh@joshtriplett.org>
---

I've built, booted, and tested this.

man-pages snippet:

.\" prctl PR_GET_AUXV
.TP
.BR PR_GET_AUXV " (since Linux 6.x)"
Get the auxilliary vector (auxv) into the buffer pointed to by
.IR "(void\~*) arg2" ,
whose length is given by \fIarg3\fP.
If the buffer is not long enough for the full auxilliary vector,
the copy will be truncated.
Return (as the function result)
the full length of the auxilliary vector.
\fIarg4\fP and \fIarg5\fP must be 0.

Will send a patch for man-pages once merged.

 include/uapi/linux/prctl.h |  2 ++
 kernel/sys.c               | 15 +++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h
index 1312a137f7fb..b2b24eaf2427 100644
--- a/include/uapi/linux/prctl.h
+++ b/include/uapi/linux/prctl.h
@@ -290,4 +290,6 @@ struct prctl_mm_map {
 #define PR_SET_VMA		0x53564d41
 # define PR_SET_VMA_ANON_NAME		0
 
+#define PR_GET_AUXV		0x41555856
+
 #endif /* _LINUX_PRCTL_H */
diff --git a/kernel/sys.c b/kernel/sys.c
index 495cd87d9bf4..fdd297507d7e 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -2377,6 +2377,16 @@ static inline int prctl_get_mdwe(unsigned long arg2, unsigned long arg3,
 		PR_MDWE_REFUSE_EXEC_GAIN : 0;
 }
 
+static int prctl_get_auxv(void __user *addr, unsigned long len)
+{
+	struct mm_struct *mm = current->mm;
+	unsigned long size = min(sizeof(mm->saved_auxv), len);
+
+	if (size && copy_to_user(addr, mm->saved_auxv, size))
+		return -EFAULT;
+	return sizeof(mm->saved_auxv);
+}
+
 SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
 		unsigned long, arg4, unsigned long, arg5)
 {
@@ -2661,6 +2671,11 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
 	case PR_SET_VMA:
 		error = prctl_set_vma(arg2, arg3, arg4, arg5);
 		break;
+	case PR_GET_AUXV:
+		if (arg4 || arg5)
+			return -EINVAL;
+		error = prctl_get_auxv((void __user *)arg2, arg3);
+		break;
 	default:
 		error = -EINVAL;
 		break;
-- 
2.40.0

Re: [PATCH] prctl: Add PR_GET_AUXV to copy auxv to userspace

[kernel test robot]

Hi Josh,

kernel test robot noticed the following build warnings:

[auto build test WARNING on linus/master]
[also build test WARNING on v6.3-rc5]
[cannot apply to akpm-mm/mm-everything next-20230404]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/Josh-Triplett/prctl-Add-PR_GET_AUXV-to-copy-auxv-to-userspace/20230404-140043
patch link:    https://lore.kernel.org/r/b11a591e085f1cd06adb454b1f7cde676d317318.1680585798.git.josh%40joshtriplett.org
patch subject: [PATCH] prctl: Add PR_GET_AUXV to copy auxv to userspace
config: i386-randconfig-a001-20230403 (https://download.01.org/0day-ci/archive/20230404/202304041715.c3b7aJd4-lkp@intel.com/config)
compiler: clang version 14.0.6 (https://github.com/llvm/llvm-project f28c006a5895fc0e329fe15fead81e37457cb1d1)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/intel-lab-lkp/linux/commit/4323f9bd6c2ecbfd6be4f8a3830ea47a89558314
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Josh-Triplett/prctl-Add-PR_GET_AUXV-to-copy-auxv-to-userspace/20230404-140043
        git checkout 4323f9bd6c2ecbfd6be4f8a3830ea47a89558314
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=i386 olddefconfig
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=i386 SHELL=/bin/bash

If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Link: https://lore.kernel.org/oe-kbuild-all/202304041715.c3b7aJd4-lkp@intel.com/

All warnings (new ones prefixed by >>):

>> kernel/sys.c:2383:23: warning: comparison of distinct pointer types ('typeof (sizeof (mm->saved_auxv)) *' (aka 'unsigned int *') and 'typeof (len) *' (aka 'unsigned long *')) [-Wcompare-distinct-pointer-types]
           unsigned long size = min(sizeof(mm->saved_auxv), len);
                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/linux/minmax.h:67:19: note: expanded from macro 'min'
   #define min(x, y)       __careful_cmp(x, y, <)
                           ^~~~~~~~~~~~~~~~~~~~~~
   include/linux/minmax.h:36:24: note: expanded from macro '__careful_cmp'
           __builtin_choose_expr(__safe_cmp(x, y), \
                                 ^~~~~~~~~~~~~~~~
   include/linux/minmax.h:26:4: note: expanded from macro '__safe_cmp'
                   (__typecheck(x, y) && __no_side_effects(x, y))
                    ^~~~~~~~~~~~~~~~~
   include/linux/minmax.h:20:28: note: expanded from macro '__typecheck'
           (!!(sizeof((typeof(x) *)1 == (typeof(y) *)1)))
                      ~~~~~~~~~~~~~~ ^  ~~~~~~~~~~~~~~
   1 warning generated.


vim +2383 kernel/sys.c

  2379	
  2380	static int prctl_get_auxv(void __user *addr, unsigned long len)
  2381	{
  2382		struct mm_struct *mm = current->mm;
> 2383		unsigned long size = min(sizeof(mm->saved_auxv), len);
  2384	
  2385		if (size && copy_to_user(addr, mm->saved_auxv, size))
  2386			return -EFAULT;
  2387		return sizeof(mm->saved_auxv);
  2388	}
  2389	

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests

Re: [PATCH] prctl: Add PR_GET_AUXV to copy auxv to userspace

[Josh Triplett]

On Tue, Apr 04, 2023 at 05:58:51PM +0800, kernel test robot wrote:
> reproduce (this is a W=1 build):

Right, I *really* need to start doing W=1 builds. (Am I missing
something, or did kernel builds once emit warnings about type mismatches
on `min` by default?)

> >> kernel/sys.c:2383:23: warning: comparison of distinct pointer types ('typeof (sizeof (mm->saved_auxv)) *' (aka 'unsigned int *') and 'typeof (len) *' (aka 'unsigned long *')) [-Wcompare-distinct-pointer-types]

Will fix in v2.

Re: [PATCH] prctl: Add PR_GET_AUXV to copy auxv to userspace

[Nathan Chancellor]

On Tue, Apr 04, 2023 at 09:07:59PM +0900, Josh Triplett wrote:
> On Tue, Apr 04, 2023 at 05:58:51PM +0800, kernel test robot wrote:
> > reproduce (this is a W=1 build):
> 
> Right, I *really* need to start doing W=1 builds. (Am I missing
> something, or did kernel builds once emit warnings about type mismatches
> on `min` by default?)

I see this warning in a normal ARCH=arm allmodconfig build (i.e.,
without W=1). Perhaps you never did a 32-bit build, since that is the
only way this warning would appear?

> > >> kernel/sys.c:2383:23: warning: comparison of distinct pointer types ('typeof (sizeof (mm->saved_auxv)) *' (aka 'unsigned int *') and 'typeof (len) *' (aka 'unsigned long *')) [-Wcompare-distinct-pointer-types]
> 
> Will fix in v2.
> 

Cheers,
Nathan

Re: [PATCH] prctl: Add PR_GET_AUXV to copy auxv to userspace

[kernel test robot]

Hi Josh,

kernel test robot noticed the following build warnings:

[auto build test WARNING on linus/master]
[also build test WARNING on v6.3-rc5]
[cannot apply to akpm-mm/mm-everything next-20230404]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/Josh-Triplett/prctl-Add-PR_GET_AUXV-to-copy-auxv-to-userspace/20230404-140043
patch link:    https://lore.kernel.org/r/b11a591e085f1cd06adb454b1f7cde676d317318.1680585798.git.josh%40joshtriplett.org
patch subject: [PATCH] prctl: Add PR_GET_AUXV to copy auxv to userspace
config: arm-randconfig-r025-20230403 (https://download.01.org/0day-ci/archive/20230404/202304041710.JYcSAmPL-lkp@intel.com/config)
compiler: clang version 17.0.0 (https://github.com/llvm/llvm-project 67409911353323ca5edf2049ef0df54132fa1ca7)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # install arm cross compiling tool for clang build
        # apt-get install binutils-arm-linux-gnueabi
        # https://github.com/intel-lab-lkp/linux/commit/4323f9bd6c2ecbfd6be4f8a3830ea47a89558314
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Josh-Triplett/prctl-Add-PR_GET_AUXV-to-copy-auxv-to-userspace/20230404-140043
        git checkout 4323f9bd6c2ecbfd6be4f8a3830ea47a89558314
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=arm olddefconfig
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=arm SHELL=/bin/bash

If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Link: https://lore.kernel.org/oe-kbuild-all/202304041710.JYcSAmPL-lkp@intel.com/

All warnings (new ones prefixed by >>):

>> kernel/sys.c:2383:23: warning: comparison of distinct pointer types ('typeof (sizeof (mm->saved_auxv)) *' (aka 'unsigned int *') and 'typeof (len) *' (aka 'unsigned long *')) [-Wcompare-distinct-pointer-types]
           unsigned long size = min(sizeof(mm->saved_auxv), len);
                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/linux/minmax.h:67:19: note: expanded from macro 'min'
   #define min(x, y)       __careful_cmp(x, y, <)
                           ^~~~~~~~~~~~~~~~~~~~~~
   include/linux/minmax.h:36:24: note: expanded from macro '__careful_cmp'
           __builtin_choose_expr(__safe_cmp(x, y), \
                                 ^~~~~~~~~~~~~~~~
   include/linux/minmax.h:26:4: note: expanded from macro '__safe_cmp'
                   (__typecheck(x, y) && __no_side_effects(x, y))
                    ^~~~~~~~~~~~~~~~~
   include/linux/minmax.h:20:28: note: expanded from macro '__typecheck'
           (!!(sizeof((typeof(x) *)1 == (typeof(y) *)1)))
                      ~~~~~~~~~~~~~~ ^  ~~~~~~~~~~~~~~
   1 warning generated.


vim +2383 kernel/sys.c

  2379	
  2380	static int prctl_get_auxv(void __user *addr, unsigned long len)
  2381	{
  2382		struct mm_struct *mm = current->mm;
> 2383		unsigned long size = min(sizeof(mm->saved_auxv), len);
  2384	
  2385		if (size && copy_to_user(addr, mm->saved_auxv, size))
  2386			return -EFAULT;
  2387		return sizeof(mm->saved_auxv);
  2388	}
  2389	

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests