lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20170314025735.GA18046@altlinux.org>
Date:   Tue, 14 Mar 2017 05:57:35 +0300
From:   "Dmitry V. Levin" <ldv@...linux.org>
To:     Andrew Lutomirski <luto@....edu>
Cc:     Elvira Khabirova <lineprinter0@...il.com>,
        Denys Vlasenko <vda.linux@...glemail.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Indan Zupancic <indan@....nu>, Oleg Nesterov <oleg@...hat.com>,
        Andi Kleen <andi@...stfloor.org>,
        Jamie Lokier <jamie@...reable.org>,
        Will Drewry <wad@...omium.org>,
        Kees Cook <keescook@...omium.org>,
        John Johansen <john.johansen@...onical.com>, pmoore@...hat.com,
        Eric Paris <eparis@...hat.com>, djm@...drot.org,
        segoon@...nwall.com, Steven Rostedt <rostedt@...dmis.org>,
        James Morris <jmorris@...ei.org>,
        Chris Evans <scarybeasts@...il.com>,
        Avi Kivity <avi@...hat.com>, penberg@...helsinki.fi,
        Al Viro <viro@...iv.linux.org.uk>, Ingo Molnar <mingo@...e.hu>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Andi Kleen <ak@...ux.intel.com>,
        Eric Dumazet <eric.dumazet@...il.com>, dhowells@...hat.com,
        daniel.lezcano@...e.fr,
        Linux FS Devel <linux-fsdevel@...r.kernel.org>,
        linux-security-module <linux-security-module@...r.kernel.org>,
        olofj@...omium.org, Michael Halcrow <mhalcrow@...gle.com>,
        Roland McGrath <mcgrathr@...omium.org>,
        linux-kernel@...r.kernel.org
Subject: Re: Compat 32-bit syscall entry from 64-bit task!?

On Wed, Mar 08, 2017 at 08:39:55PM -0800, Andrew Lutomirski wrote:
> On Wed, Mar 8, 2017 at 3:41 PM, Dmitry V. Levin wrote:
[...]
> > Is there any progress with this (or any alternative) solution?
> >
> > I see the kernel side has changed a bit, and the strace part
> > is in a better shape than 5 years ago (although I'm biased of course),
> > but I don't see any kernel interface that would allow strace to reliably
> > recognize this 0x80 case.
> 
> I am strongly opposed to fudging registers to half-arsedly slightly
> improve the epicly crappy ptrace(2) interface for syscalls.
> 
> To fix this right, please just add PTRACE_GET_SYSCALL_INFO or similar
> to, in one shot, read out all the syscall details.  This means: arch,
> no, arg0..arg5, and *whether it's entry or exit*.  I propose returning
> this structure:
> 
> struct ptrace_syscall_info {
>   u8 op;  /* 0 for entry, 1 for exit */
>   u8 pad0;
>   u16 pad1;
>   u32 pad2;
>   union {
>     struct seccomp_data syscall_entry;
>     s64 syscall_exit_retval;
>   };
> };
> 
> because struct seccomp_data already gets this right.  There's plenty
> of opportunity to fine-tune this.  Now it works on all architectures.

Unfortunately, the API is missing.

Unlike syscall_get_nr(), syscall_get_arch() works with the current task
only so there is no API to get the arch identifier for the given task
that would work on all architectures.


-- 
ldv

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ