lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <201201260032.57937.vda.linux@googlemail.com>
Date:	Thu, 26 Jan 2012 00:32:57 +0100
From:	Denys Vlasenko <vda.linux@...glemail.com>
To:	Oleg Nesterov <oleg@...hat.com>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Indan Zupancic <indan@....nu>,
	Andi Kleen <andi@...stfloor.org>,
	Jamie Lokier <jamie@...reable.org>,
	Andrew Lutomirski <luto@....edu>,
	Will Drewry <wad@...omium.org>, linux-kernel@...r.kernel.org,
	keescook@...omium.org, john.johansen@...onical.com,
	serge.hallyn@...onical.com, coreyb@...ux.vnet.ibm.com,
	pmoore@...hat.com, eparis@...hat.com, djm@...drot.org,
	segoon@...nwall.com, rostedt@...dmis.org, jmorris@...ei.org,
	scarybeasts@...il.com, avi@...hat.com, penberg@...helsinki.fi,
	viro@...iv.linux.org.uk, mingo@...e.hu, akpm@...ux-foundation.org,
	khilman@...com, borislav.petkov@....com, amwang@...hat.com,
	ak@...ux.intel.com, eric.dumazet@...il.com, gregkh@...e.de,
	dhowells@...hat.com, daniel.lezcano@...e.fr,
	linux-fsdevel@...r.kernel.org,
	linux-security-module@...r.kernel.org, olofj@...omium.org,
	mhalcrow@...gle.com, dlaor@...hat.com,
	Roland McGrath <mcgrathr@...omium.org>
Subject: Re: Compat 32-bit syscall entry from 64-bit task!?

On Wednesday 25 January 2012 20:36, Oleg Nesterov wrote:
> On 01/18, Linus Torvalds wrote:
> >
> > Using the high bits of 'eflags' might work.
> 
> I thought about changing eflags too, this looks very natural to me.
> 
> But I do not understand the result of this discussion, are you going
> to apply this change?
> 
> If not...
> 
> Not sure this is really better, but there is another idea. Currently we
> have PTRACE_O_TRACESYSGOOD to avoid the confusion with the real SIGTRAP.
> Perhaps we can add PTRACE_O_TRACESYS_VERY_GOOD (or we can look at
> PT_SEIZED instead) and report TS_COMPAT via ptrace_report_syscall ?
> 
> IOW. Currently ptrace_report_syscall() does
> 
> 	ptrace_notify(SIGTRAP | ((ptrace & PT_TRACESYSGOOD) ? 0x80 : 0));
> 
> We can add the new events,
> 
> 	PTRACE_EVENT_SYSCALL_ENTRY
> 	PTRACE_EVENT_SYSCALL_COMPAT_ENTRY
> 	PTRACE_EVENT_SYSCALL_EXIT
> 	PTRACE_EVENT_SYSCALL_COMPAT_EXIT

We can get away with just the first one.
(1) It's unlikely people would want to get native sysentry events but not compat ones,
thus first two options can be combined into one;
(2) syscall exit compat-ness is known from entry type - no need to indicate it; and
(3) if we would flag syscall entry with an event value in wait status, then syscall
exit will be already distinquisable.

Thus, minimally we need one new option, PTRACE_O_TRACE_SYSENTRY -
"on syscall entry ptrace stop, set a nonzero event value in wait status"
, and two event values: PTRACE_EVENT_SYSCALL_ENTRY (for native entry),
PTRACE_EVENT_SYSCALL_ENTRY1 for compat one.

To future-proof this scheme we may reserve a few more event values
PTRACE_EVENT_SYSCALL_ENTRY2, PTRACE_EVENT_SYSCALL_ENTRY3, etc,
if we'll ever have arches with more than one non-native syscall
entry. I'm no expert, but looking at strace code, ARM may already have
more than one additional convention how to pass syscall args.


-- 
vda
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ