| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 27 Feb 2014 16:16:29 -0500 From: Paul Moore <pmoore@...hat.com> To: libseccomp-discuss@...ts.sourceforge.net, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, linux-arch <linux-arch@...r.kernel.org> Cc: Andy Lutomirski <luto@...capital.net> Subject: Re: [libseccomp-discuss] Making a universal list of syscalls? On Thursday, February 27, 2014 12:40:32 PM Andy Lutomirski wrote: > Currently, dealing with Linux syscalls in an architecture-independent > way is a mess. Here are some issues: > > 1. There's no clean way to map between syscall names and numbers on > different architectures. The kernel contains a number of tables (that > work differently for different architectures). strace has some arcane > mechanism. libseccomp has another. This is a major pain point for libseccomp, what we have now is passable, and it works, but I cringe each time I look at it because I worry about maintaining it. I would be very happy if the kernel had some header/file/whatever that could be used by userspace applications to map syscall names/numbers for each architecture. > 2. There's no clean way to map between syscall argument registers and > logical syscall arguments. Each architecture knows how to do it, as > do strace and glibc, but I suspect that *everyone* else gets it wrong. > Especially on ARM. I remember looking into this with libseccomp, around the ARM time frame with Andy, and I believe I managed to reassure myself - not well, mind you - that we were *ok* with seccomp/libseccomp. However, having a argument mapping document/header/etc. would go a long way here. > 3. Determining which architectures have which syscalls is a mess. > Recent kernel builds love to warn me that finit_module is missing on > x86_64. This is simply not true. I have no idea why. Closely related to item #1. Also a major pain for libseccomp for the same reasons. > 5. Decoding ucontext from SIGSYS is a mess. I have prototype code > for libseccomp that can do it, but it gets the arguments wrong due to > ABI issues. See (2). I've actually been sitting on some of Andy's libseccomp code for this for a while now because the solution is very fiddly. Improvements here could make life much easier for us and remove a lot of my hesitation in merging Andy's code. -- paul moore security and virtualization @ redhat -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists