Date: Tue, 24 Mar 2015 20:59:14 -0400
From: Brian Gerst <brgerst@...il.com>
To: Denys Vlasenko <dvlasenk@...hat.com>
Cc: Ingo Molnar <mingo@...nel.org>, Denys Vlasenko <vda.linux@...glemail.com>, Andy Lutomirski <luto@...capital.net>, Linus Torvalds <torvalds@...ux-foundation.org>, Steven Rostedt <rostedt@...dmis.org>, Borislav Petkov <bp@...en8.de>, "H. Peter Anvin" <hpa@...or.com>, Oleg Nesterov <oleg@...hat.com>, Frederic Weisbecker <fweisbec@...il.com>, Alexei Starovoitov <ast@...mgrid.com>, Will Drewry <wad@...omium.org>, Kees Cook <keescook@...omium.org>, X86 ML <x86@...nel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] x86: vdso32/syscall.S: do not load __USER32_DS to %ss

On Tue, Mar 24, 2015 at 4:17 PM, Denys Vlasenko <dvlasenk@...hat.com> wrote:
> On 03/24/2015 05:55 PM, Brian Gerst wrote:
>>>> Might be nice to place a more generic description there, which
>>>> registers are expected to be saved by user-space calling in here, etc.
>>>
>>> __kernel_vsyscall entry point has the same ABI in any 32-bit vDSO,
>>> the good old int 0x80 calling convention:
>>>
>>> syscall# in eax,
>>> params in ebx/ecx/edx/esi/edi/ebp,
>>> all registers are preserved by the syscall.
>>>
>>> (I think we don't guarantee that all flags are preserved:
>>> I have a testcase where DF gets cleared).
>>
>> DF should always be clear on any function call per the C ABI. But,
>> eflags should be preserved, at least the non-privileged bits. I'd
>> like to see that testcase.
>
> The testcase is a simplistic example of how to find and use
> 32-bit vDSO to perform system calls.
>
> It also sets flags.DF before syscall, and checks whether registers
> are preserved, including flags.DF.
>
> On 32-bit kernel (on Intel CPU, where vDSO uses SYSENTER), I see this:
>
> $ ./test32_syscall_vdso
> Result:1
>
> whereas on 64-bit it is
>
> ./test32_syscall_vdso
> Result:0
>
> "Result:1" means that DF was cleared.
>
> See attached source.
>

It looks like 32-bit native does not restore eflags before sysexit, while 64-bit compat does.

--
Brian Gerst
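Added example (written here, not the testcase Denys attached to the original mail): a C program that locates the 32-bit vDSO's __kernel_vsyscall through the AT_SYSINFO auxv entry, sets DF, makes a getpid() call through it and reports whether DF survived, mirroring the Result:0/Result:1 output described above. It assumes Linux with glibc's getauxval() and must be built as a 32-bit x86 binary (gcc -m32) for the check to run; on any other build it reports that no entry point is available.

```c
/* Added example: does DF survive a call through the 32-bit vDSO? */
#include <stdio.h>
#include <elf.h>          /* AT_SYSINFO (auxv tag 32) */
#include <sys/auxv.h>     /* getauxval(), glibc >= 2.16 */

#define X86_EFLAGS_DF 0x400UL   /* EFLAGS bit 10: direction flag */
#define NR32_getpid   20        /* i386 syscall number for getpid() */

/* 1 if DF is clear in the captured EFLAGS, 0 if it is still set. */
int df_was_cleared(unsigned long eflags_after)
{
    return (eflags_after & X86_EFLAGS_DF) == 0;
}

/* Returns 1 if DF was cleared across the syscall, 0 if preserved,
 * -1 if no 32-bit vDSO entry point exists (e.g. a 64-bit build). */
int vdso_clears_df(void)
{
    unsigned long vsyscall = getauxval(AT_SYSINFO);
    if (vsyscall == 0)
        return -1;
#if defined(__i386__)
    unsigned long flags, ret;
    __asm__ volatile(
        "std\n\t"               /* set DF before entering the kernel */
        "call *%[entry]\n\t"    /* __kernel_vsyscall: int 0x80 ABI, eax = nr */
        "pushf\n\t"
        "pop %[flags]\n\t"      /* capture EFLAGS right after return */
        "cld\n\t"               /* restore the C ABI's expected DF=0 */
        : "=a"(ret), [flags] "=r"(flags)
        : "a"(NR32_getpid), [entry] "r"(vsyscall)
        : "memory", "cc");
    (void)ret;                  /* pid is not needed, only the flags */
    return df_was_cleared(flags);
#else
    return -1;                  /* inline asm above is 32-bit only */
#endif
}

int main(void)
{
    int r = vdso_clears_df();
    if (r < 0)
        puts("no 32-bit vDSO entry point (build with gcc -m32 on x86)");
    else
        printf("Result:%d\n", r);   /* Result:1 means DF was cleared */
    return 0;
}
```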