lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Jan 2015 15:43:09 -0800 From: Kees Cook <keescook@...omium.org> To: Roman Peniaev <r.peniaev@...il.com> Cc: Russell King <linux@....linux.org.uk>, Christoffer Dall <christoffer.dall@...aro.org>, Stefano Stabellini <stefano.stabellini@...citrix.com>, Sekhar Nori <nsekhar@...com>, Andy Lutomirski <luto@...capital.net>, Eric Paris <eparis@...hat.com>, Will Deacon <will.deacon@....com>, "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH 2/2] ARM: entry-common,ptrace: do not pass scno to syscall_trace_enter On Tue, Jan 13, 2015 at 3:21 PM, Roman Peniaev <r.peniaev@...il.com> wrote: > On Wed, Jan 14, 2015 at 5:08 AM, Kees Cook <keescook@...omium.org> wrote: >> On Sun, Jan 11, 2015 at 6:32 AM, Roman Pen <r.peniaev@...il.com> wrote: >>> In previous patch current_thread_info()->syscall is set with >>> corresponding syscall number prior to further calls, thus there >>> is no any need to pass 'scno'. >>> >>> Also, add explicit comment why do we have to reread 'scno' local >>> variable. >>> >>> Signed-off-by: Roman Pen <r.peniaev@...il.com> >>> Cc: Russell King <linux@....linux.org.uk> >>> Cc: Christoffer Dall <christoffer.dall@...aro.org> >>> Cc: Stefano Stabellini <stefano.stabellini@...citrix.com> >>> Cc: Sekhar Nori <nsekhar@...com> >>> Cc: Kees Cook <keescook@...omium.org> >>> Cc: Andy Lutomirski <luto@...capital.net> >>> Cc: Eric Paris <eparis@...hat.com> >>> Cc: Will Deacon <will.deacon@....com> >>> Cc: linux-arm-kernel@...ts.infradead.org >>> Cc: linux-kernel@...r.kernel.org >>> --- >>> arch/arm/kernel/entry-common.S | 1 - >>> arch/arm/kernel/ptrace.c | 6 ++++-- >>> 2 files changed, 4 insertions(+), 3 deletions(-) >>> >>> diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S >>> index 89452ff..3d12eb5 100644 >>> --- a/arch/arm/kernel/entry-common.S >>> +++ b/arch/arm/kernel/entry-common.S >>> @@ -228,7 +228,6 @@ ENDPROC(vector_swi) >>> * context switches, and waiting for our parent to respond. >>> */ >>> __sys_trace: >>> - mov r1, scno >>> add r0, sp, #S_OFF >>> bl syscall_trace_enter >>> >>> diff --git a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c >>> index ef9119f..1238787 100644 >>> --- a/arch/arm/kernel/ptrace.c >>> +++ b/arch/arm/kernel/ptrace.c >>> @@ -928,9 +928,9 @@ static void tracehook_report_syscall(struct pt_regs *regs, >>> regs->ARM_ip = ip; >>> } >>> >>> -asmlinkage int syscall_trace_enter(struct pt_regs *regs, int scno) >>> +asmlinkage int syscall_trace_enter(struct pt_regs *regs) >>> { >>> - current_thread_info()->syscall = scno; >>> + int scno = current_thread_info()->syscall; >> >> Was this assignment of current_thread_info()->syscall redundant? If >> so, this looks fine. If not, what will now be setting the thread_info? > > [sorry, i have to resend this email because previously I sent it using my phone > and arm maillist rejected it because of html inside] > > Yes, it is redundant. > Because of the previous patch thread_info->syscall already contains > corresponding scnr, > so we use it instead of passing the same number from asm. Ah! Okay, I wasn't CCed on the 1/2 patch. I see it now, thanks! > So everything should work fine without current patch, and also current > patch should not > change anything in the expected behavior. Great. If this still passes the seccomp testsuite, I'm fine for it. I can test it later this week if no one else gets to it. Reviewed-by: Kees Cook <keescook@...omium.org> Thanks! -Kees > > -- > Roman > > > > >> >> -Kees >> >>> >>> /* Do the secure computing check first; failures should be fast. */ >>> #ifdef CONFIG_HAVE_ARCH_SECCOMP_FILTER >>> @@ -944,6 +944,8 @@ asmlinkage int syscall_trace_enter(struct pt_regs *regs, int scno) >>> if (test_thread_flag(TIF_SYSCALL_TRACE)) >>> tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER); >>> >>> + /* Syscall can be aborted (-1 can be set) or even changed >>> + * by the tracer and subsequent PTRACE_SET_SYSCALL request */ >>> scno = current_thread_info()->syscall; >>> >>> if (test_thread_flag(TIF_SYSCALL_TRACEPOINT)) >>> -- >>> 2.1.3 >>> >> >> >> >> -- >> Kees Cook >> Chrome OS Security -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists