From patchwork Tue Nov 18 01:10:34 2014
X-Patchwork-Submitter: AKASHI Takahiro
X-Patchwork-Id: 40982
From: AKASHI Takahiro
To: keescook@chromium.org, catalin.marinas@arm.com, will.deacon@arm.com
Cc: dsaxena@linaro.org, arndb@arndb.de, linux-arm-kernel@lists.infradead.org, linaro-kernel@lists.linaro.org, linux-kernel@vger.kernel.org, AKASHI Takahiro
Subject: [PATCH v8 2/6] arm64: ptrace: allow tracer to skip a system call
Date: Tue, 18 Nov 2014 10:10:34 +0900
Message-Id: <1416273038-15590-3-git-send-email-takahiro.akashi@linaro.org>
X-Mailer: git-send-email 1.9.1
In-Reply-To: <1416273038-15590-1-git-send-email-takahiro.akashi@linaro.org>
References: <1416273038-15590-1-git-send-email-takahiro.akashi@linaro.org>

If a tracer specifies -1 as a syscall number, this traced system call should be skipped with a return value specified in x0.

This patch implements these semantics, but there is one restriction here: syscall(-1) always returns ENOSYS whatever value is stored in x0 (a return value) at syscall entry. Normally, with ptrace off, syscall(-1) returns -ENOSYS. With ptrace on, however, if a tracer didn't pay any attention to user-issued syscall(-1) and just let it go, it would return a value in x0 as in other system call cases. This means that this system call might succeed and yet see any bogus return value. This should be definitely avoided.
Please also note: * syscall entry tracing and syscall exit tracing (ftrace tracepoint and audit) are always executed, if enabled, even when skipping a system call (that is, -1). In this way, we can avoid a potential bug where audit_syscall_entry() might be called without audit_syscall_exit() at the previous system call being called, that would cause OOPs in audit_syscall_entry(). Signed-off-by: AKASHI Takahiro --- arch/arm64/kernel/entry.S | 3 +++ arch/arm64/kernel/ptrace.c | 18 ++++++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S index 726b910..01118b1 100644 --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -670,6 +670,8 @@ ENDPROC(el0_svc) __sys_trace: mov x0, sp bl syscall_trace_enter + cmp w0, #-1 // skip the syscall? + b.eq __sys_trace_return_skipped adr lr, __sys_trace_return // return address uxtw scno, w0 // syscall number (possibly new) mov x1, sp // pointer to regs @@ -684,6 +686,7 @@ __sys_trace: __sys_trace_return: str x0, [sp] // save returned x0 +__sys_trace_return_skipped: mov x0, sp bl syscall_trace_exit b ret_to_user diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index 8b98781..34b1e85 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -1149,6 +1149,8 @@ static void tracehook_report_syscall(struct pt_regs *regs, asmlinkage int syscall_trace_enter(struct pt_regs *regs) { + int orig_syscallno = regs->syscallno; + if (test_thread_flag(TIF_SYSCALL_TRACE)) tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER); 
@@ -1158,6 +1160,22 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs) audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1], regs->regs[2], regs->regs[3]); + if (((int)regs->syscallno == -1) && (orig_syscallno == -1)) { + /* + * user-issued syscall(-1): + * RESTRICTION: We always return ENOSYS whatever value is + * stored in x0 (a return value) at this point. + * Normally, with ptrace off, syscall(-1) returns -ENOSYS. + * With ptrace on, however, if a tracer didn't pay any + * attention to user-issued syscall(-1) and just let it go + * without a hack here, it would return a value in x0 as in + * other system call cases. This means that this system call + * might succeed and see any bogus return value. + * This should be definitely avoided. + */ + regs->regs[0] = -ENOSYS; + } + return regs->syscallno; }
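Review bot: in the first entry.S hunk (`cmp w0, #-1` / `b.eq __sys_trace_return_skipped`), the skip is decided solely from the int that syscall_trace_enter returns, and nothing on the skipped path ever writes x0; a one-line comment here that the tracer is expected to have already stored the desired return value in the saved x0 (regs->regs[0]) would document that contract for the next reader, e.g. `// tracer asked to skip: x0 in the saved frame already holds the return value`.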
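Review bot: in the second entry.S hunk, the position of `__sys_trace_return_skipped` directly after `str x0, [sp]` is what makes the skip work, because the saved x0 (the tracer's value, or the -ENOSYS written by syscall_trace_enter) is left untouched while `bl syscall_trace_exit` still runs; a comment on the label stating that it must stay below the store would keep a later reorder from silently clobbering the return value.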
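Review bot: in the first ptrace.c hunk, `int orig_syscallno = regs->syscallno;` implicitly narrows the same field that the later check has to cast with `(int)`, and neither the name nor a comment says why it is captured before the hooks run; suggest `int orig_syscallno = (int)regs->syscallno; /* number the user issued, before a tracer can change it */` so the two sites visibly use the same conversion and the reader knows the only purpose is to tell a user-issued -1 apart from a tracer-written -1.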
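Review bot: in the second ptrace.c hunk, the condition `((int)regs->syscallno == -1) && (orig_syscallno == -1)` forces -ENOSYS only when the user issued -1 and nothing renumbered it, so a tracer that turns a real syscall into -1 keeps its own x0 and a user -1 that the tracer renumbers runs normally, which matches the commit message; two consequences are worth stating in the comment rather than leaving implicit: the override runs after `audit_syscall_entry(regs->syscallno, regs->orig_x0, ...)`, so audit has already recorded syscallno -1 with the original x0, and the -ENOSYS written to `regs->regs[0]` is what syscall_trace_exit (and audit_syscall_exit) will then observe. The eleven-line comment could also be cut to the RESTRICTION sentence plus a pointer to the commit message, since it repeats it verbatim.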
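As an added example, not part of this patch or the kernel tree: a userspace tracer that uses the skip semantics described above on an arm64 target, rewriting a traced getpid() to syscall number -1 with a tracer-chosen return value, together with the kernel-side rule from this patch written as two pure functions. It assumes the NT_ARM_SYSTEM_CALL regset (value 0x404, as in mainline) and mirrors the arm64 user_pt_regs layout in its own struct so it compiles elsewhere, but the tracer itself only does anything useful on an arm64 Linux kernel with this patch.

```c
#define _GNU_SOURCE                  /* for syscall() */
#include <elf.h>
#include <errno.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/uio.h>
#include <sys/wait.h>
#include <unistd.h>
#ifndef NT_ARM_SYSTEM_CALL
#define NT_ARM_SYSTEM_CALL 0x404     /* mainline value; assumed if your libc lacks it */
#endif
#define NR_GETPID 172                /* arm64 __NR_getpid */
struct arm64_regs { uint64_t regs[31], sp, pc, pstate; }; /* mirror of user_pt_regs */

/* The patch's kernel-side rule as pure functions: the syscall only runs if the
 * number left after the hooks is not -1; when it is skipped the tracee gets
 * back x0 as the tracer left it, except that a user-issued syscall(-1) that
 * no tracer renumbered always gets -ENOSYS (the RESTRICTION in the patch). */
static int syscall_runs(int tracer_nr) { return tracer_nr != -1; }
static long skipped_x0(int user_nr, long x0_at_entry) {
    return user_nr == -1 ? -ENOSYS : x0_at_entry;
}

int main(void) {                                    /* tracer: arm64 Linux only */
    pid_t pid = fork();
    if (pid == 0) {
        ptrace(PTRACE_TRACEME, 0, 0, 0);
        raise(SIGSTOP);
        printf("tracee saw getpid() == %ld\n", syscall(NR_GETPID)); /* 4242 when skipped */
        return 0;
    }
    int status, entry = 0;
    waitpid(pid, &status, 0);                        /* initial SIGSTOP */
    ptrace(PTRACE_SETOPTIONS, pid, 0, (void *)PTRACE_O_TRACESYSGOOD);
    while (ptrace(PTRACE_SYSCALL, pid, 0, 0) == 0 && waitpid(pid, &status, 0) > 0) {
        if (WIFEXITED(status)) break;
        /* only syscall stops toggle entry/exit; act on entry stops only */
        if (WSTOPSIG(status) != (SIGTRAP | 0x80) || (entry = !entry) == 0) continue;
        struct arm64_regs r; struct iovec iov = { &r, sizeof r };
        ptrace(PTRACE_GETREGSET, pid, (void *)NT_PRSTATUS, &iov);
        if (r.regs[8] != NR_GETPID) continue;        /* x8 holds the syscall number */
        int nr = -1; struct iovec niov = { &nr, sizeof nr };
        ptrace(PTRACE_SETREGSET, pid, (void *)NT_ARM_SYSTEM_CALL, &niov); /* -1: skip */
        r.regs[0] = 4242;                            /* return value the tracee gets */
        ptrace(PTRACE_SETREGSET, pid, (void *)NT_PRSTATUS, &iov);
    }
    return 0;
}
```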